Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [nginx-auth]
- enabled = true
- filter = nginx-auth
- action = iptables[name=NoAuthFailures, port=80, protocol=tcp]
- logpath = /var/log/nginx/error.log
- bantime = 3600
- maxretry = 6
- [nginx-login]
- enabled = true
- filter = nginx-login
- action = iptables-multiport[name=NoLoginFailures, port="http,https"]
- logpath = /var/log/nginx/access.log
- bantime = 3600
- maxretry = 6
- [nginx-badbots]
- enabled = true
- filter = apache-badbots
- action = iptables-multiport[name=BadBots, port="http,https"]
- logpath = /var/log/nginx/access.log
- bantime = 86400
- maxretry = 1
- [nginx-noscript]
- enabled = true
- action = iptables-multiport[name=NoScript, port="http,https"]
- filter = nginx-noscript
- logpath = /var/log/nginx/access.log
- maxretry = 6
- bantime = 86400
- [nginx-proxy]
- enabled = true
- action = iptables-multiport[name=NoProxy, port="http,https"]
- filter = nginx-proxy
- logpath = /var/log/nginx/access.log
- maxretry = 0
- bantime = 86400
- [wordpress]
- enabled = true
- filter = wordpress
- logpath = /var/log/auth.log
- port = http,https
- maxretry = 5
- findtime = 10800
- bantime = 86400
- [nginx-req-limit]
- enabled = true
- filter = nginx-req-limit
- action = iptables-multiport[name=ReqLimit, port="http,https", protocol=tcp]
- logpath = /var/log/nginx/error.log
- findtime = 600
- bantime = 7200
- maxretry = 10
- [nginx-dos]
- # Based on apache-badbots but a simple IP check (any IP requesting more than
- # 240 pages in 60 seconds, or 4p/s average, is suspicious)
- # Block for two full days.
- # @author Yannick Warnier
- enabled = true
- port = http,8090
- filter = nginx-dos
- logpath = /var/log/nginx/access.log
- findtime = 60
- bantime = 172800
- maxretry = 240
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement