Facebook
Twitter
Miguel Nunes
New Pleskian
I have a website which uses the authentication provided by the protected directory setting and I am using Nginx fully. There are no fail2ban jails for Nginx so I decided to create one.
This is what I did:
Created a Jail Filter named "nginx-auth":
Then created the Jail and named it "nginx-auth":
I am looking for errors in the log with
But when the browser authentication pops up and I enter wrong login information, nothing happens. After 3 failed attempts, it's still going.
What could be wrong? I am not using Plesk's Firewall extension because my host has it's own firewall but Iptables is enabled.
This is what I did:
Created a Jail Filter named "nginx-auth":
Code:
[Definition]
failregex = no user/password was provided for basic authentication.*client: <HOST>
user .* was not found in.*client: <HOST>
user .* password mismatch.*client: <HOST>
ignoreregex = </host></host></host>Then created the Jail and named it "nginx-auth":
Code:
[nginx-auth]
enabled = true
filter = nginx-auth
action = iptables-multiport[name="nginxauth", port="http,https", protocol="tcp"]
logpath = /var/www/vhosts/system/*/logs/error_log
/var/log/httpd/*error_log
maxretry = 3I am looking for errors in the log with
Code:
# tail -f /var/www/vhosts/system/site.domain.tld/logs/error_logBut when the browser authentication pops up and I enter wrong login information, nothing happens. After 3 failed attempts, it's still going.
What could be wrong? I am not using Plesk's Firewall extension because my host has it's own firewall but Iptables is enabled.
