Fail2Ban - HTTP Basic Auth


#1

Hi,

Just wondering if anyone has had any issues getting Fail2Ban nginx-http-auth to work:

jail.local:

`[nginx-http-auth]

enabled = true filter = nginx-http-auth port = http,https logpath = /var/log/nginx/*error.log`

filter: # fail2ban filter configuration for nginx

[Definition]


failregex = ^ \[error\] \d+#\d+: \*\d+ user "\S+":? (password mismatch|was not found in ".*"), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"\s*$
            ^ \[error\] \d+#\d+: \*\d+ no user/password was provided for basic authentication, client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", h$

ignoreregex =

# DEV NOTES:
# Based on samples in https://github.com/fail2ban/fail2ban/pull/43/files
# Extensive search of all nginx auth failures not done yet.
#
# Author: Daniel Black

When I run:

service fail2ban restart; fail2ban-client status

I get everything working except for http-nginx-auth:

Status |- Number of jail: 7- Jail list: nginx-noproxy, nginx-noscript, nginx-nohome, nginx-req-limit, nginx-badbots, ssh-ddos, ssh`

I haven’t had this issue before using EE.

Thanks


#2