FAIL2BAN - Filter.d - http-502-503
From IT-Arts.net
! Should be customized to your needs !
Filter.d
# /etc/fail2ban/filter.d/http-502-503.conf
[Definition]
failregex = ^<HOST> -.*"(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH|TRACE).*HTTP.*" (502|503)
^<HOST> -.*"[^"]*" (502|503)
ignoreregex =
Jail.conf
[http-502-503]
enabled = true
banaction = %(banaction_allports)s
logpath = /var/log/nginx/*error*.log
/var/log/nginx/*access*.log
maxretry = 20
findtime = 1d
bantime = 1d
backend = polling
