ansible-personal/roles/common/templates/etc/fail2ban/jail.d/nginx.local.j2

[nginx]
enabled   = true
# See: /etc/fail2ban/filter.d/nginx-botsearch.conf
filter    = nginx-botsearch
# Integrate with nftables
banaction=nftables[type=allports]
backend   = pyinotify
logpath   = /var/log/nginx/*-access.log
# Try to find a non-existent wp-login.php once and get banned. Tough luck.
maxretry  = 1
findtime  = {{ fail2ban_findtime }}
bantime   = {{ fail2ban_bantime }}
ignoreip  = {{ fail2ban_ignoreip }}