https://iceburn.medium.com/how-to-apply-fail2ban-to-nginx-excess-404-and-403-6b601285df02
fail2ban 配置
# /etc/fail2ban/filter.d/nginx.conf
[Definition]
failregex = ^<HOST>.*"(GET|POST).*" (403|404) .*$
ignoreregex =
# /etc/fail2ban/jail.local
[nginx]
enabled = true
port = http,https
filter = nginx
logpath = /var/log/nginx*/*access.log
action = iptables-multiport[name=404, port="http,https", protocol=tcp]
maxretry = 5
findtime = 30
bantime = 7200
#/etc/fail2ban/jail.conf
# ip 白名单
ignoreip = 127.0.0.1/8 xxx.xxx.xxx.xxx/16
nginx 日志路径配置
懂得,原来世界如此简单!