18 lines
694 B
Plaintext
18 lines
694 B
Plaintext
|
[nginx]
|
||
|
enabled = true
|
||
|
# See: /etc/fail2ban/filter.d/nginx-botsearch.conf
|
||
|
filter = nginx-botsearch
|
||
|
{% if (ansible_distribution == 'Debian' and ansible_distribution_major_version is version('11', '>=')) or (ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('20.04', '>=')) %}
|
||
|
# Integrate with nftables
|
||
|
banaction=nftables[type=allports]
|
||
|
{% else %}
|
||
|
# Integrate with firewalld and ipsets
|
||
|
banaction = firewallcmd-ipset
|
||
|
{% endif %}
|
||
|
logpath = /var/log/nginx/*-access.log
|
||
|
# Try to find a non-existent wp-login.php once and get banned. Tough luck.
|
||
|
maxretry = 1
|
||
|
findtime = {{ fail2ban_findtime }}
|
||
|
bantime = {{ fail2ban_bantime }}
|
||
|
ignoreip = {{ fail2ban_ignoreip }}
|