[Auto-Sync] Atualização das configurações em srvproxy001.itguys.com.br - 2025-09-28 12:14:39

fail2ban/jail.local

@@ -17,64 +17,3 @@ enabled = true
 backend = systemd
 
 # --- AS NOSSAS JAILS PERSONALIZADAS PARA O NGINX ---
-
-[nginx-json-attacks]
-enabled  = true
-port     = http,https
-# Usa o filtro nginx-json-attacks
-filter   = nginx-json-attacks
-logpath  = /var/log/nginx/access.log
-maxretry = 5
-findtime = 30s
-bantime  = 2h
-
-[nginx-ddos]
-enabled   = false
-port      = http,https
-# Usa o filtro nginx-json-ddos
-filter    = nginx-json-ddos
-logpath   = /var/log/nginx/access.log
-maxretry  = 100
-findtime  = 60s
-bantime   = 1h
-
-[recidive]
-enabled  = true
-logpath  = /var/log/fail2ban.log
-banaction = %(banaction_allports)s
-bantime  = 1w
-findtime = 1d
-maxretry = 3
-
-[gitea]
-enabled  = true
-port     = http,https
-filter   = nginx-json-gitea
-logpath  = /var/log/nginx/access.log
-maxretry = 5
-findtime = 5m
-bantime  = 1h
-
-[exchange-authip]
-enabled  = true
-port     = https  
-# O tráfego de login é sempre HTTPS
-filter   = nginx-json-exchange
-logpath  = /var/log/nginx/access.log
-maxretry = 5       
-# Bane após 5 tentativas de login
-findtime = 5m      
-# Numa janela de 5 minutos
-bantime  = 24h     
-# Bane por 24 horas. Ataques ao Exchange são sérios.
-
-[nginx-json-scanners]
-enabled  = true
-port     = http,https
-filter   = nginx-json-scanners
-logpath  = /var/log/nginx/access.log
-maxretry = 2
-# Scanners não precisam de muitas chances.
-findtime = 10m
-bantime  = 1w
-# Bane scanners por uma semana.