c8h4/nixos-config
1
0
Fork 0
Code Issues Actions Activity

services: nginx: enable fail2ban 'apache-badbots' filter

Browse source 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
This commit is contained in:
Christoph Heiss 2024-08-19 10:36:10 +02:00
parent 9250581753
commit e373b1aa98
Signed by: c8h4
GPG key ID: 1538094429952F86
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
services/nginx.nix
View file

@ -48,4 +48,16 @@
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
};
services.fail2ban.jails.apache-badbots =
lib.mkIf config.services.fail2ban.enable {
settings = {
enabled = true;
port = "http,https";
filter = "apache-badbots";
logpath = "/var/log/nginx/access.log";
maxretry = 1;
bantime = "72h";
};
};
}