Linux Consulting & Training

User Tools

Site Tools

Trace:
notes:fail2ban

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
notes:fail2ban [2014/09/08 14:10] – [fail2ban for postfix/ssh] adminnotes:fail2ban [2014/09/08 14:12] – [Nginx] admin
Line 17: Line 17:
   fail2ban-client reload   fail2ban-client reload
  
-===== Nginx =====+===== fail2ban for Nginx =====
 Scanning in search of broken script is quite frequent. My nginx ''error.log'' file is full of (IP obfuscated): Scanning in search of broken script is quite frequent. My nginx ''error.log'' file is full of (IP obfuscated):
-  2014/05/28 21:59:00 [error] 17394#0: *105 open() "/var/www/mailing/www/admin/images/rn_logo.gif" failed (2: No such file or directory), client: 64.39.256.256, server: XYZ, request: "GET /admin/images/rn_logo.gif HTTP/1.1", host: "XYZ" +  2014/05/28 21:59:00 [error] 17394#0: *105 open() "/var/www/mailing/www/admin/images/rn_logo.gif" failed (2: No such file or directory), client: 1.2.3.4, server: XYZ, request: "GET /admin/images/rn_logo.gif HTTP/1.1", host: "XYZ" 
-  2014/05/28 21:59:00 [error] 17394#0: *105 open() "/var/www/mailing/www/vncviewer.jar" failed (2: No such file or directory), client: 64.39.256.256, server: XYZ, request: "GET /vncviewer.jar HTTP/1.1", host: "XYZ" +  2014/05/28 21:59:00 [error] 17394#0: *105 open() "/var/www/mailing/www/vncviewer.jar" failed (2: No such file or directory), client: 1.2.3.4, server: XYZ, request: "GET /vncviewer.jar HTTP/1.1", host: "XYZ" 
-  2014/05/28 21:59:01 [error] 17393#0: *111 "/var/www/mailing/www/Q_Evasive/index.php" is not found (2: No such file or directory), client: 64.39.256.256, server: XYZ, request: "GET /Q_Evasive/ HTTP/1.1", host: "XYZ" +  2014/05/28 21:59:01 [error] 17393#0: *111 "/var/www/mailing/www/Q_Evasive/index.php" is not found (2: No such file or directory), client: 1.2.3.4, server: XYZ, request: "GET /Q_Evasive/ HTTP/1.1", host: "XYZ" 
-  2014/05/28 21:59:01 [error] 17393#0: *109 open() "/var/www/mailing/www/formmail.html" failed (2: No such file or directory), client: 64.39.256.256, server: XYZ, request: "GET /formmail.html HTTP/1.0", host: "XYZ"+  2014/05/28 21:59:01 [error] 17393#0: *109 open() "/var/www/mailing/www/formmail.html" failed (2: No such file or directory), client: 1.2.3.4, server: XYZ, request: "GET /formmail.html HTTP/1.0", host: "XYZ"
  
 Create new filter /etc/fail2ban/filter.d/nginx-scan.conf Create new filter /etc/fail2ban/filter.d/nginx-scan.conf
Line 61: Line 61:
   maxretry = 240   maxretry = 240
  
-More advanced filters available at [1]. +More advanced filters for Nginx available at [1].
- +
-Remember to reload rules with +
- +
-  fail2ban-client reload+
  
 [1] [[http://serverfault.com/questions/420895/how-to-use-fail2ban-for-nginx]] [1] [[http://serverfault.com/questions/420895/how-to-use-fail2ban-for-nginx]]
notes/fail2ban.txt · Last modified: 2014/09/08 14:12 by admin