⚝
One Hat Cyber Team
⚝
Your IP:
216.73.217.4
Server IP:
41.128.143.86
Server:
Linux host.raqmix.cloud 6.8.0-1025-azure #30~22.04.1-Ubuntu SMP Wed Mar 12 15:28:20 UTC 2025 x86_64
Server Software:
Apache
PHP Version:
8.3.23
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
share
/
doc
/
fail2ban
/
dist-config
/
filter.d
/
View File Name :
nginx-http-auth.conf
# fail2ban filter configuration for nginx [INCLUDES] before = nginx-error-common.conf [Definition] mode = normal __err_type = <_ertp-<mode>> _ertp-auth = error mdre-auth = ^%(__prefix_line)suser "(?:[^"]+|.*?)":? (?:password mismatch|was not found in "[^\"]*"), client: <HOST>, server: \S*, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"(?:, referrer: "\S+")?\s*$ _ertp-fallback = crit mdre-fallback = ^%(__prefix_line)sSSL_do_handshake\(\) failed \(SSL: error:\S+(?: \S+){1,3} too (?:long|short)\)[^,]*, client: <HOST> _ertp-normal = %(_ertp-auth)s mdre-normal = %(mdre-auth)s _ertp-aggressive = (?:%(_ertp-auth)s|%(_ertp-fallback)s) mdre-aggressive = %(mdre-auth)s %(mdre-fallback)s failregex = <mdre-<mode>> ignoreregex = datepattern = {^LN-BEG} journalmatch = _SYSTEMD_UNIT=nginx.service + _COMM=nginx # DEV NOTES: # mdre-auth: # Based on samples in https://github.com/fail2ban/fail2ban/pull/43/files # Extensive search of all nginx auth failures not done yet. # # Author: Daniel Black # mdre-fallback: # Ban people checking for TLS_FALLBACK_SCSV repeatedly # https://stackoverflow.com/questions/28010492/nginx-critical-error-with-ssl-handshaking/28010608#28010608 # Author: Stephan Orlowsky