FAIL2BAN - Filter.d - http-xss
From IT-Arts.net
! Should be customized to your needs !
Filter.d
[Definition]
# http-xss.conf
# Cross-Site Scripting (XSS)
# Matches typical XSS attack vectors where input is reflected on the web page
failregex = ^<HOST>.*(<script.*>.*</script>|<.*javascript:.*|<.*onerror=.*|<.*onload=.*|<.*alert\(.*\)).*$
ignoreregex =
Jail.conf
[http-xss]
enabled = true
banaction = %(banaction_allports)s
logpath = /var/log/nginx/*.access.log
maxretry = 1
bantime = -1
findtime = 3d
backend = polling
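Added example (not part of the original page or of fail2ban itself): a Python check of the failregex above against constructed nginx access-log lines, showing which lines the filter would act on and which it misses because the payload was logged percent-encoded and contains no literal `<`. `HOST_GROUP` is a simplified IPv4-only stand-in for fail2ban's `<HOST>` expansion, and `classify` is a hypothetical helper.

```python
import re
from urllib.parse import unquote

# failregex copied verbatim from the filter on this page.
FAILREGEX = (r"^<HOST>.*(<script.*>.*</script>|<.*javascript:.*|<.*onerror=.*"
             r"|<.*onload=.*|<.*alert\(.*\)).*$")

# Assumption: simplified IPv4-only stand-in for fail2ban's <HOST> expansion.
HOST_GROUP = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"
PATTERN = re.compile(FAILREGEX.replace("<HOST>", HOST_GROUP))

# Constructed nginx "combined" log lines (documentation address ranges).
SAMPLE_LINES = [
    '198.51.100.7 - - [10/Oct/2024:13:55:36 +0000] '
    '"GET /search?q=<script>alert(1)</script> HTTP/1.1" 200 512 "-" "curl/8.5.0"',
    '198.51.100.8 - - [10/Oct/2024:13:55:40 +0000] '
    '"GET /search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Oct/2024:13:56:02 +0000] '
    '"GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
]


def classify(line, pattern=PATTERN):
    """Return (verdict, host) for one log line.

    'match'        : the failregex matches the line as logged (jail would act).
    'encoded-only' : it matches only after percent-decoding, so the filter,
                     which sees the raw line, does not trigger.
    'clean'        : no match either way.
    """
    hit = pattern.search(line)
    if hit:
        return "match", hit.group("host")
    hit = pattern.search(unquote(line))
    if hit:
        return "encoded-only", hit.group("host")
    return "clean", None


if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        verdict, host = classify(sample)
        print(f"{verdict:13} {host or '-':15} {sample[:70]}")
```

With `maxretry = 1` and `bantime = -1` in the jail above, every `match` line results in a permanent ban, so false positives deserve the same check. On a host with fail2ban installed, `fail2ban-regex` performs this comparison with the real `<HOST>` expansion against an actual log file.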
