Я пытаюсь настроить некоторые джейлы, связанные с Nginx. Но я заметил, что fail2ban банит IP с IPTables, но я все еще могу использовать форму для входа.
[sshd]
enabled = true
filter = sshd
maxretry = 3
action = iptables[name=SSH, port=xxxxx, protocol=tcp]
telegram
port = 23561
bantime = -1
findtime = 30m
logpath = %(sshd_log)s
backend = %(sshd_backend)s
[nginx-auth]
enabled = true
filter = nginx-auth
action = iptables-multiport[name=NoAuthFailures, port="http,https"]
logpath = /var/log/nginx*/*error*.log
bantime = -1
maxretry = 6
[nginx-login]
enabled = true
filter = nginx-login
action = iptables-multiport[name=NoLoginFailures, port="http,https"]
telegram
logpath = /var/log/nginx*/*access*.log
bantime = -1
maxretry = 6
[nginx-badbots]
enabled = true
filter = apache-badbots
action = iptables-multiport[name=BadBots, port="http,https"]
telegram
logpath = /var/log/nginx*/*access*.log
bantime = -1
maxretry = 1
[nginx-noscript]
enabled = true
action = iptables-multiport[name=NoScript, port="http,https"]
telegram
filter = nginx-noscript
logpath = /var/log/nginx*/*access*.log
maxretry = 6
bantime = -1
[nginx-proxy]
enabled = true
action = iptables-multiport[name=NoProxy, port="http,https"]
telegram
filter = nginx-proxy
logpath = /var/log/nginx*/*access*.log
maxretry = 0
bantime = -1
Мои фильтры взяты из:https://snippets.aktagon.com/snippets/554-как-защитить-сервер-nginx-с-fail2ban