LinuxQuestions.org - [SOLVED] Protecting Nginx against DDoS attacks by Fail2Ban

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - Protecting Nginx against DDoS attacks by Fail2Ban (https://www.linuxquestions.org/questions/linux-security-4/protecting-nginx-against-ddos-attacks-by-fail2ban-4175734572/)

Jason.nix

03-05-2024 12:53 AM

Protecting Nginx against DDoS attacks by Fail2Ban

Hello,
To protect Nginx against DDoS attacks by Fail2Ban I found the following tutorial:
https://easyengine.io/tutorials/nginx/fail2ban/

What does HOST mean in the following line? Should I enter the IP address of the host or the domain name of the website?

Code:

failregex = limiting requests, excess:.* by zone.*client: <HOST>

Thank you.

TenTenths

03-05-2024 03:37 AM

Quote:

Originally Posted by Jason.nix (Post 6487702)

What does HOST mean in the following line?

It's the "placeholder" in the regex that tells F2B where to extract the IP address from.

Quote:

Originally Posted by Jason.nix (Post 6487702)

Should I enter the IP address of the host or the domain name of the website?

None of the above. Try reading some documentation such as https://fail2ban.readthedocs.io/en/latest/filters.html rather than blindly relying on "How To" guides.

All times are GMT -5. The time now is 11:29 PM.