Nginx DDOS Protection by fail2ban
Posted By : Prakhar Budholiya | 15-Apr-2016
* First, install fail2ban
# apt-get install fail2ban
* Now copy jail.conf to jail.local and open the copy for editing.
# cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
# vim /etc/fail2ban/jail.local
* Add the following lines at the end of the file; they define the bantime, findtime, retries and action.
[nginx-req-limit]
enabled = true
filter = nginx-req-limit
action = iptables-multiport[name=ReqLimit, port="http,https", protocol=tcp]
logpath = /var/log/nginx/*error.log
findtime = 300
bantime = 3600
maxretry = 3
save and exit
* Create a fail2ban filter that picks the offending IPs out of the nginx error log
# vim /etc/fail2ban/filter.d/nginx-req-limit.conf
[Definition]
failregex = limiting requests, excess:.* by zone.*client: <HOST>
ignoreregex =
* Now set a request limit in nginx:
# vim /etc/nginx/sites-available/default
* Here, name the zone to use and set the burst size
location / {
    limit_req zone=one burst=10;
    try_files $uri $uri/ /index.php;
}
* Now define the limit_req_zone and its rate in the http block of the nginx configuration file:
# vim /etc/nginx/nginx.conf
include /etc/nginx/mime.types;
default_type application/octet-stream;
limit_req_zone $binary_remote_addr zone=one:1m rate=1r/m;
save and exit
# service nginx restart
# service fail2ban restart
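
The filter and jail thresholds above can be checked against log lines before relying on them. The following is an added example, not part of the original post: it applies the post's failregex, findtime and maxretry to constructed nginx error-log lines. The IPv4-only stand-in for <HOST>, the function names and the sample lines are assumptions.

```python
import re
from datetime import datetime

# Values taken from the filter and jail in the post.
FAILREGEX = r"limiting requests, excess:.* by zone.*client: <HOST>"
FINDTIME, MAXRETRY = 300, 3

# Assumption: <HOST> becomes a plain IPv4 group; fail2ban's own pattern is broader.
HOST_RE = re.compile(FAILREGEX.replace("<HOST>", r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"))

# Constructed sample lines in nginx error.log format (documentation IP ranges).
SAMPLE_LOG = """\
2016/04/15 10:00:01 [error] 1234#0: *17 limiting requests, excess: 10.500 by zone "one", client: 203.0.113.7, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2016/04/15 10:00:02 [error] 1234#0: *18 limiting requests, excess: 10.200 by zone "one", client: 198.51.100.23, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2016/04/15 10:00:03 [warn] 1234#0: *19 delaying request, excess: 0.500, by zone "one", client: 192.0.2.44, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2016/04/15 10:00:05 [error] 1234#0: *20 limiting requests, excess: 10.700 by zone "one", client: 203.0.113.7, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2016/04/15 10:00:09 [error] 1234#0: *21 limiting requests, excess: 10.900 by zone "one", client: 203.0.113.7, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2016/04/15 10:02:00 [error] 1234#0: *22 open() "/var/www/favicon.ico" failed (2: No such file or directory), client: 192.0.2.44, server: example.com, request: "GET /favicon.ico HTTP/1.1", host: "example.com"
2016/04/15 10:04:00 [error] 1234#0: *23 limiting requests, excess: 10.100 by zone "one", client: 198.51.100.23, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2016/04/15 10:06:30 [error] 1234#0: *24 limiting requests, excess: 10.300 by zone "one", client: 198.51.100.23, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
"""

def parse_failures(log_text):
    """Return (timestamp, ip) for every line the failregex matches."""
    failures = []
    for line in log_text.splitlines():
        m = HOST_RE.search(line)
        if m:
            ts = datetime.strptime(line[:19], "%Y/%m/%d %H:%M:%S")
            failures.append((ts, m.group("host")))
    return failures

def hosts_to_ban(failures, findtime=FINDTIME, maxretry=MAXRETRY):
    """Return IPs that reach maxretry failures within findtime seconds."""
    recent, banned = {}, []
    for ts, ip in sorted(failures):
        window = [t for t in recent.get(ip, []) if (ts - t).total_seconds() <= findtime]
        window.append(ts)
        recent[ip] = window
        if len(window) >= maxretry and ip not in banned:
            banned.append(ip)
    return banned

if __name__ == "__main__":
    print(hosts_to_ban(parse_failures(SAMPLE_LOG)))
```

On the server itself, `fail2ban-regex /var/log/nginx/error.log /etc/fail2ban/filter.d/nginx-req-limit.conf` runs the installed filter against the real log and reports how many lines matched.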
THANKS
About Author
Prakhar Budholiya
Prakhar is a Linux administrator and well versed in Linux and networking. He loves horse riding and is an athlete.