Merge pull request #447 from linuxserver/nginx-deny-filter

nemchik · web-flow · commit 155f97c9272b · 2020-05-10T08:57:15.000-05:00
fail2ban support for deny statements
diff --git a/root/defaults/fail2ban/filter.d/nginx-deny.conf b/root/defaults/fail2ban/filter.d/nginx-deny.conf
@@ -0,0 +1,15 @@
+# fail2ban filter configuration for nginx
+
+
+[Definition]
+
+
+failregex = ^ \[error\] \d+#\d+: \*\d+ (access forbidden by rule), client: <HOST>, server: \S*, request: "\S+ \S+ HTTP\/\d+\.\d+", host: "\S+"(?:, referrer: "\S+")?\s*$
+
+ignoreregex =
+
+datepattern = {^LN-BEG}
+
+# DEV NOTES:
+#
+# Author: Will L (driz@linuxserver.io)
diff --git a/root/defaults/jail.local b/root/defaults/jail.local
@@ -48,3 +48,10 @@ enabled  = true
 port     = http,https
 filter   = nginx-botsearch
 logpath  = /config/log/nginx/access.log
+
+[nginx-deny]
+
+enabled  = true
+port     = http,https
+filter   = nginx-deny
+logpath  = /config/log/nginx/error.log
