added nginx-badbots fail2ban rule https://stackoverflow.com/a/65552146
This commit is contained in:
parent
d2380db06b
commit
4b3ccb3fff
5
assets/fail2ban/filter.d/nginx-badbots.conf
Normal file
5
assets/fail2ban/filter.d/nginx-badbots.conf
Normal file
@ -0,0 +1,5 @@
|
||||
[Definition]
|
||||
|
||||
failregex = FastCGI sent in stderr: "Primary script unknown" .*, client: <HOST>
|
||||
|
||||
ignoreregex =
|
7
assets/fail2ban/jail.d/nginx-badbots.conf
Normal file
7
assets/fail2ban/jail.d/nginx-badbots.conf
Normal file
@ -0,0 +1,7 @@
|
||||
[nginx-badbots]
|
||||
|
||||
enabled = true
|
||||
port = http,https
|
||||
filter = <FILTER>
|
||||
logpath = <LOGPATH>
|
||||
maxretry = 2
|
10
bin/vhost.sh
10
bin/vhost.sh
@ -106,6 +106,16 @@ if [ "$vh" = "y" ]; then
|
||||
chmod -R g+w /var/www/"$_domain"/
|
||||
chmod -R g+r /var/www/"$_domain"/
|
||||
|
||||
#set fail2ban for vhost
|
||||
# https://stackoverflow.com/a/65552146
|
||||
cp "$_assets/fail2ban/jail.d/nginx-badbots.conf" "/etc/fail2ban/jail.d/nginx-badbots-$_domain.conf"
|
||||
sed -i -r "s/\[nginx-badbots\]/\[nginx-badbots-$_domain\]/g" "/etc/fail2ban/jail.d/nginx-badbots-$_domain.conf"
|
||||
sed -i -r "s/<FILTER>/\[nginx-badbots-$_domain\]/g" "/etc/fail2ban/jail.d/nginx-badbots-$_domain.conf"
|
||||
sed -i -r "s/<LOGPATH>/\/var\/www\/$_domain\/log\/error.log/g" "/etc/fail2ban/jail.d/nginx-badbots-$_domain.conf"
|
||||
|
||||
cp "$_assets/fail2ban/filter.d/nginx-badbots.conf" "/etc/fail2ban/filter.d/nginx-badbots-$_domain.conf"
|
||||
sed -i -r "s/<HOST>/$_domain/g" "/etc/fail2ban/filter.d/nginx-badbots-$_domain.conf"
|
||||
|
||||
|
||||
|
||||
# create a shortcut to the site
|
||||
|
Loading…
x
Reference in New Issue
Block a user