Estoy intentando configurar algunas cárceles relacionadas con Nginx. Pero noté que fail2ban prohíbe la IP con IPTables, pero aún puedo usar el formulario para iniciar sesión.
[sshd]
enabled = true
filter = sshd
maxretry = 3
action = iptables[name=SSH, port=xxxxx, protocol=tcp]
telegram
port = 23561
bantime = -1
findtime = 30m
logpath = %(sshd_log)s
backend = %(sshd_backend)s
[nginx-auth]
enabled = true
filter = nginx-auth
action = iptables-multiport[name=NoAuthFailures, port="http,https"]
logpath = /var/log/nginx*/*error*.log
bantime = -1
maxretry = 6
[nginx-login]
enabled = true
filter = nginx-login
action = iptables-multiport[name=NoLoginFailures, port="http,https"]
telegram
logpath = /var/log/nginx*/*access*.log
bantime = -1
maxretry = 6
[nginx-badbots]
enabled = true
filter = apache-badbots
action = iptables-multiport[name=BadBots, port="http,https"]
telegram
logpath = /var/log/nginx*/*access*.log
bantime = -1
maxretry = 1
[nginx-noscript]
enabled = true
action = iptables-multiport[name=NoScript, port="http,https"]
telegram
filter = nginx-noscript
logpath = /var/log/nginx*/*access*.log
maxretry = 6
bantime = -1
[nginx-proxy]
enabled = true
action = iptables-multiport[name=NoProxy, port="http,https"]
telegram
filter = nginx-proxy
logpath = /var/log/nginx*/*access*.log
maxretry = 0
bantime = -1
Mis filtros están tomados de:https://snippets.aktagon.com/snippets/554-how-to-secure-an-nginx-server-with-fail2ban