From 7419cedb67d2e2f539ae707d222f8684275c49f0 Mon Sep 17 00:00:00 2001 From: "srvproxy001.itguys.com.br" Date: Sun, 28 Sep 2025 12:14:40 -0300 Subject: [PATCH] =?UTF-8?q?[Auto-Sync]=20Atualiza=C3=A7=C3=A3o=20das=20con?= =?UTF-8?q?figura=C3=A7=C3=B5es=20em=20srvproxy001.itguys.com.br=20-=20202?= =?UTF-8?q?5-09-28=2012:14:39?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- fail2ban/jail.local | 61 --------------------------------------------- 1 file changed, 61 deletions(-) diff --git a/fail2ban/jail.local b/fail2ban/jail.local index 8ed646a..dec9fbb 100644 --- a/fail2ban/jail.local +++ b/fail2ban/jail.local @@ -17,64 +17,3 @@ enabled = true backend = systemd # --- AS NOSSAS JAILS PERSONALIZADAS PARA O NGINX --- - -[nginx-json-attacks] -enabled = true -port = http,https -# Usa o filtro nginx-json-attacks -filter = nginx-json-attacks -logpath = /var/log/nginx/access.log -maxretry = 5 -findtime = 30s -bantime = 2h - -[nginx-ddos] -enabled = false -port = http,https -# Usa o filtro nginx-json-ddos -filter = nginx-json-ddos -logpath = /var/log/nginx/access.log -maxretry = 100 -findtime = 60s -bantime = 1h - -[recidive] -enabled = true -logpath = /var/log/fail2ban.log -banaction = %(banaction_allports)s -bantime = 1w -findtime = 1d -maxretry = 3 - -[gitea] -enabled = true -port = http,https -filter = nginx-json-gitea -logpath = /var/log/nginx/access.log -maxretry = 5 -findtime = 5m -bantime = 1h - -[exchange-authip] -enabled = true -port = https -# O tráfego de login é sempre HTTPS -filter = nginx-json-exchange -logpath = /var/log/nginx/access.log -maxretry = 5 -# Bane após 5 tentativas de login -findtime = 5m -# Numa janela de 5 minutos -bantime = 24h -# Bane por 24 horas. Ataques ao Exchange são sérios. - -[nginx-json-scanners] -enabled = true -port = http,https -filter = nginx-json-scanners -logpath = /var/log/nginx/access.log -maxretry = 2 -# Scanners não precisam de muitas chances. -findtime = 10m -bantime = 1w -# Bane scanners por uma semana.