1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Resolved Can't configure Fail2ban for Nginx Auth

Discussion in 'Plesk Onyx for Linux' started by Miguel Nunes, May 5, 2017.

  1. Miguel Nunes

    Miguel Nunes New Pleskian

    2
    70%
    Joined:
    May 5, 2017
    Messages:
    5
    Likes Received:
    0
    Location:
    Portugal
    I have a website which uses the authentication provided by the protected directory setting and I am using Nginx fully. There are no fail2ban jails for Nginx so I decided to create one.

    This is what I did:

    Created a Jail Filter named "nginx-auth":
    Code:
    [Definition]
    failregex = no user/password was provided for basic authentication.*client: <HOST>
        user .* was not found in.*client: <HOST>
        user .* password mismatch.*client: <HOST>
    ignoreregex = </host></host></host>
    Then created the Jail and named it "nginx-auth":

    Code:
    [nginx-auth]
    enabled = true
    filter = nginx-auth
    action = iptables-multiport[name="nginxauth", port="http,https", protocol="tcp"]
    logpath = /var/www/vhosts/system/*/logs/error_log
    /var/log/httpd/*error_log
    maxretry = 3
    I am looking for errors in the log with

    Code:
    # tail -f /var/www/vhosts/system/site.domain.tld/logs/error_log
    But when the browser authentication pops up and I enter wrong login information, nothing happens. After 3 failed attempts, it's still going.

    What could be wrong? I am not using Plesk's Firewall extension because my host has it's own firewall but Iptables is enabled.
     
  2. UFHH01

    UFHH01 Plesk addicted!

    44
    64%
    Joined:
    Jun 11, 2013
    Messages:
    6,762
    Likes Received:
    1,712
    Location:
    Hamburg / Germany
    Best Answer
  3. Miguel Nunes

    Miguel Nunes New Pleskian

    2
    70%
    Joined:
    May 5, 2017
    Messages:
    5
    Likes Received:
    0
    Location:
    Portugal
    It was the log path which was set to look for Apache's error logs instead of Nginx's.

    Should be this:

    Code:
    /var/www/vhosts/system/*/logs/proxy_error_log
    /var/log/nginx/*error.log
     
Loading...