sander1 · January 23, 2024 15:40 · ghost · Mar 16, 2018
diff --git a/nginx.local b/nginx.local
 # fail2ban filter configuration for nginx, by Sander
 # 1) Catch WordPress related requests (we don't have WordPress on this server)
 # 2) Catch requests for certain scripts we don't host
 # 3) Catch script requests we don't host
 # 4) Catch referer spam

 [Definition]

 failregex = ^<HOST> .* "(GET|POST|HEAD) /+(?i)(wp(-|/)|xmlrpc\.php|\?author=1)
            ^<HOST> .* "(GET|POST|HEAD|PROPFIND) /+(?i)(a2billing|admin|apache|axis|blog|cfide|cgi|cms|config|etc|\.git|hnap|inc|jenkins|jmx-|joomla|lib|linuxsucks|msd|muieblackcat|mysql|myadmin|n0w|owa-autodiscover|pbxip|php|pma|recordings|sap|sdk|script|service|shell|sqlite|vmskdl44rededd|vtigercrm|w00tw00t|webdav|websql|wordpress|xampp|xxbb)
            ^<HOST> .* "(GET|POST|HEAD) /[^"]+\.(asp|cgi|exe|jsp|mvc|pl)( |\?)
            ^<HOST> .*(?i)(/bash|burger-imperia|changelog|hundejo|hvd-store|jorgee|masscan|pizza-imperia|pizza-tycoon|servlet|testproxy|uploadify)

 ignoreregex =
	# fail2ban filter configuration for nginx, by Sander
	# 1) Catch WordPress related requests (we don't have WordPress on this server)
	# 2) Catch requests for certain scripts we don't host
	# 3) Catch script requests we don't host
	# 4) Catch referer spam

	[Definition]

	failregex = ^<HOST> .* "(GET\|POST\|HEAD) /+(?i)(wp(-\|/)\|xmlrpc\.php\|\?author=1)
	^<HOST> .* "(GET\|POST\|HEAD\|PROPFIND) /+(?i)(a2billing\|admin\|apache\|axis\|blog\|cfide\|cgi\|cms\|config\|etc\|\.git\|hnap\|inc\|jenkins\|jmx-\|joomla\|lib\|linuxsucks\|msd\|muieblackcat\|mysql\|myadmin\|n0w\|owa-autodiscover\|pbxip\|php\|pma\|recordings\|sap\|sdk\|script\|service\|shell\|sqlite\|vmskdl44rededd\|vtigercrm\|w00tw00t\|webdav\|websql\|wordpress\|xampp\|xxbb)
	^<HOST> .* "(GET\|POST\|HEAD) /[^"]+\.(asp\|cgi\|exe\|jsp\|mvc\|pl)( \|\?)
	^<HOST> .*(?i)(/bash\|burger-imperia\|changelog\|hundejo\|hvd-store\|jorgee\|masscan\|pizza-imperia\|pizza-tycoon\|servlet\|testproxy\|uploadify)

	ignoreregex =