Add nginx filter for fail2ban
Some hosts can use fail2ban's nginx-botsearch filter to ban anyone making requests to non-existent files like wp-login.php. There is no reason to request such files naively and anyone found doing so can be banned immediately. In theory I should report them to AbuseIPDB.com, but that will take a little more wiring up.
This commit is contained in:
8
group_vars/web
Normal file
8
group_vars/web
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
# file: group_vars/web
|
||||
|
||||
# all hosts run fail2ban with the sshd filter, but some can use other filters
|
||||
extra_fail2ban_filters:
|
||||
- nginx
|
||||
|
||||
# vim: set ts=2 sw=2:
|
||||
Reference in New Issue
Block a user