XIVY-15829 Add an example with NGINX with rate limits and fail2ban #252
Conversation
| @@ -0,0 +1,21 @@ | |||
| # Fail2Ban configuration file | |||
There was a problem hiding this comment.
do you really need to add all the fail2ban configuration files. are these not already part of the container itself?
if they are already in the container, then I would not define them here. because they are getting outdated.
There was a problem hiding this comment.
No, they are not part of this image. I copied them from the swag image. But here I use the fail2ban image itself.
There was a problem hiding this comment.
Sorry seems that only this nginx-badbots.conf is not here by default. I would remove it. I do not think that this filter helps a lot. The other filters should be inside the image.
There was a problem hiding this comment.
Cool.
There is also a nginx-limit-req fail2ban jail. If you get rate limitted to often you also get banned ;).
# To use 'nginx-limit-req' jail you should have `ngx_http_limit_req_module`
# and define `limit_req` and `limit_req_zone` as described in nginx documentation
# http://nginx.org/en/docs/http/ngx_http_limit_req_module.html
# or for example see in 'config/filter.d/nginx-limit-req.conf'
[nginx-limit-req]
port = http,https
| [Definition] | ||
|
|
||
| logtarget = STDOUT | ||
| dbfile = /config/fail2ban/fail2ban.sqlite3 |
|
Please fix the warnings in the nginx log: |
There was a problem hiding this comment.
May be document how we can see the fail2ban logs? docker compose logs fail2ban
weissreto
force-pushed
the
feature/XIVY-15829_fail2ban
branch
from
bd43003 to
9ffe936
Compare
No description provided.