From 61a4fce62235eeae199c4b26aa3dc7c9ade6f0cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Pedro=20Toledo?= <joao.goncalves@itguys.com.br>
Date: Thu, 5 Feb 2026 14:37:47 -0300
Subject: [PATCH] feat(fail2ban): cleanup unused jails and add nginx-unified
 config

---
 .../data/fail2ban/jail.d/nginx-unified.conf   | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 fail2ban/data/fail2ban/jail.d/nginx-unified.conf

diff --git a/fail2ban/data/fail2ban/jail.d/nginx-unified.conf b/fail2ban/data/fail2ban/jail.d/nginx-unified.conf
new file mode 100644
index 0000000..e5d13f1
--- /dev/null
+++ b/fail2ban/data/fail2ban/jail.d/nginx-unified.conf
@@ -0,0 +1,34 @@
+[nginx-limit-req]
+enabled = true
+port    = http,https
+filter  = nginx-limit-req
+logpath = /var/log/nginx/*.error.log
+maxretry = 1
+
+[nginx-badbots]
+enabled  = true
+port     = http,https
+filter   = apache-badbots
+logpath  = /var/log/nginx/*.access.log
+maxretry = 2
+
+[nginx-deny]
+enabled = true
+port    = http,https
+filter  = nginx-deny
+logpath = /var/log/nginx/*.error.log
+maxretry = 1
+
+[nginx-unauthorized]
+enabled = true
+port    = http,https
+filter  = nginx-unauthorized
+logpath = /var/log/nginx/*.access.log
+maxretry = 3
+
+[nginx-bad-request]
+enabled = true
+port    = http,https
+filter  = nginx-bad-request
+logpath = /var/log/nginx/*.error.log
+maxretry = 1