Fail2ban配置

来自Dennis的知识库
2013年8月18日 (日) 04:00Dennis zhuang讨论 | 贡献的版本

(差异) ←上一版本 | 最后版本 (差异) | 下一版本→ (差异)
跳转到: 导航搜索

一个示范配置如下,设置nginx http basic认证密码重试次数上限,如果超过就ban一个小时。

配置filter 

   /etc/fail2ban/filter.d/nginx-auth.conf

   [Definition]
   failregex = no user/password was provided for basic authentication.*client: <HOST>
                 user .* was not found in.*client: <HOST>
                 user .* password mismatch.*client: <HOST>
   ignoreregex = </host></host></host>

配置fail2ban,启用filter 

   /etc/fail2ban/jail.conf

   [nginx-auth]
   enabled = true
   filter = nginx-auth
   action = iptables[name=NoAuthFailures, port=80, protocol=tcp]
   logpath = /var/log/nginx*/*error*.log
   bantime = 3600 # 1 hour
   maxretry = 3

执行测试命令 

   fail2ban-regex /var/log/nginx/localhost.error_log /etc/fail2ban/filter.d/nginx-auth.conf

摘自 http://serverfault.com/questions/421046/how-to-limit-nginx-auth-basic-re-tries

来自“http://wiki.fnil.net/index.php?title=Fail2ban配置&oldid=336
个人工具
名字空间

变换
操作
导航
工具箱