60 lines
1.5 KiB
Plaintext
60 lines
1.5 KiB
Plaintext
|
## Version 2022/08/20 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/fail2ban/jail.local
|
||
|
# This is the custom version of the jail.conf for fail2ban
|
||
|
# Feel free to modify this and add additional filters
|
||
|
# Then you can drop the new filter conf files into the fail2ban-filters
|
||
|
# folder and restart the container
|
||
|
|
||
|
[DEFAULT]
|
||
|
# Prevents banning LAN subnets
|
||
|
ignoreip = 10.0.0.0/8
|
||
|
192.168.0.0/16
|
||
|
172.16.0.0/12
|
||
|
|
||
|
# Changes the default ban action from "iptables-multiport", which causes issues on some platforms, to "iptables-allports".
|
||
|
banaction = iptables-allports
|
||
|
|
||
|
# "bantime" is the number of seconds that a host is banned.
|
||
|
bantime = 600
|
||
|
|
||
|
# A host is banned if it has generated "maxretry" during the last "findtime"
|
||
|
# seconds.
|
||
|
findtime = 600
|
||
|
|
||
|
# "maxretry" is the number of failures before a host get banned.
|
||
|
maxretry = 5
|
||
|
|
||
|
|
||
|
[ssh]
|
||
|
enabled = false
|
||
|
|
||
|
[nginx-http-auth]
|
||
|
enabled = true
|
||
|
filter = nginx-http-auth
|
||
|
port = http,https
|
||
|
logpath = /config/log/nginx/error.log
|
||
|
|
||
|
[nginx-badbots]
|
||
|
enabled = true
|
||
|
port = http,https
|
||
|
filter = nginx-badbots
|
||
|
logpath = /config/log/nginx/access.log
|
||
|
maxretry = 2
|
||
|
|
||
|
[nginx-botsearch]
|
||
|
enabled = true
|
||
|
port = http,https
|
||
|
filter = nginx-botsearch
|
||
|
logpath = /config/log/nginx/access.log
|
||
|
|
||
|
[nginx-deny]
|
||
|
enabled = true
|
||
|
port = http,https
|
||
|
filter = nginx-deny
|
||
|
logpath = /config/log/nginx/error.log
|
||
|
|
||
|
[nginx-unauthorized]
|
||
|
enabled = true
|
||
|
port = http,https
|
||
|
filter = nginx-unauthorized
|
||
|
logpath = /config/log/nginx/access.log
|