Nginx Filters for Fail2Ban

When making my other servers I was double checking fail2ban configurations and noticed there is no fail2ban settings for nginx seeing as the webmail runs on it. Not sure if it’s an issue, or anything but I was hoping some other could tell me if I am on the right track, or if it’s not even necessary.

I did this for my email server which runs nginx as the web server.

In the /etc/fail2ban/jail.local

[nginx-http-auth]
enabled  = true
filter   = nginx-http-auth
port     = http,https
logpath  = /var/log/nginx/error.log
[nginx-badbots]
enabled  = true
port     = http,https
filter   = nginx-badbots
logpath  = /var/log/nginx/access.log
maxretry = 2

thencd /etc/fail2ban/filter.d
sudo nano nginx-http-auth.conf

make sure it’s like below

[Definition]


failregex = ^ \[error\] \d+#\d+: \*\d+ user "\S+":? (password mismatch|was not found in ".*"), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"\s*$
            ^ \[error\] \d+#\d+: \*\d+ no user/password was provided for basic authentication, client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"\s*$

ignoreregex =

copy badbots config from apache
sudo cp apache-badbots.conf nginx-badbots.conf

Author: Alon Ganon

I serve as a technology research associate for DTG3D. I am a technology specialist, very focused on understanding the details and applications of new technology trends. With a background in Windows, Mac OS X, GNU/Linux, and FreeBSD operating systems, I provide practical approaches to the integration of new technology into an IT and general business environment. I am currently is involved in the analysis of augmented and virtual reality systems. I also spend my free time advocating for freedom in software, and in all facets of our life. I have been working on computers since I was 4 years old under my father's company DTG3D. I built my first computer at 7 years old, and I am primarily self taught and self trained in regards to the majority of his IT skills due to decades of being surrounded by technology everyday. My philosophy is, "You are not dead, until you stop learning."

2 thoughts on “Nginx Filters for Fail2Ban”

Leave a Reply

Your email address will not be published. Required fields are marked *