linux:fail2ban

差别

这里会显示出您选择的修订版和当前版本之间的差别。

到此差别页面的链接

--- linux:fail2ban [2016/04/15 22:13] – Fix inotify deb name memory
+++ linux:fail2ban [2023/12/03 10:24] (当前版本) – 外部编辑 127.0.0.1
@@ 行 71: / 行 71: @@
 sudo fail2ban-client status
 sudo fail2ban-client status ssh
+</code>
+===== Usage =====
+==== Check fail2ban status ====
+  fail2ban-client status
+  fail2ban-client status [jail-name]
+==== Unban ip ====
+  fail2ban-client set [jail-name] unbanip [ip]
+==== Test filter rule ====
+  fail2ban-regex 'string' /etc/fail2ban/filter.d/rule.conf
+  fail2ban-regex /path/to/access.log /etc/fail2ban/filter.d/rule.conf
+===== Ban ip by specified nginx rule =====
+新增规则限制 ''nginx'' 某个接口访问（例如短信），避免被恶意使用
+<code ini>
+[nginx-sms]
+enabled = true
+port = http,https
+filter = nginx-sms
+logpath = /path/to/access.log
+maxtry = 9
+findtime = 86400
+bantime  = 21600
+</code>
+<code init /etc/fail2ban/filter.d/nginx-sms.conf>
+[Definition]
+failregex = ^<HOST> - - .* \"POST /path/to HTTP/1.1\" .*$
+ignoreregex =
 </code>

linux/fail2ban.1460729638.txt.gz · 最后更改: 2023/12/03 10:24 (外部编辑)