#
# Fail2ban configuration for NODE1 Nginx
# Install: apt-get install fail2ban
# Copy to: /etc/fail2ban/jail.d/nginx-node1.conf
#

[nginx-waf]
enabled = true
port = http,https
filter = nginx-waf
logpath = /var/log/nginx/waf-blocks.log
maxretry = 5
findtime = 300
bantime = 1800
action = iptables-multiport[name=nginx-waf, port="http,https", protocol=tcp]

[nginx-auth]
enabled = true
port = http,https
filter = nginx-auth
logpath = /var/log/nginx/auth-fails.log
maxretry = 10
findtime = 600
bantime = 3600
action = iptables-multiport[name=nginx-auth, port="http,https", protocol=tcp]

[nginx-ratelimit]
enabled = true
port = http,https
filter = nginx-limit-req
logpath = /var/log/nginx/api-error.log
maxretry = 20
findtime = 60
bantime = 600
action = iptables-multiport[name=nginx-ratelimit, port="http,https", protocol=tcp]