Changed Fail2ban settings, updated Readme (#191)

* Made fail2ban settings more consistent across OSes, disabled HTTP ratelimit permaban on Debian as auto-refresh behaviour in FusionPBX can trigger it.

* Increase nginx-404 ban back to 1 hour
danry25
2018-10-11 11:22:35 -07:00
committed by FusionPBX
parent 0ac1c952ae
commit 009702bd12
5 changed files with 18 additions and 15 deletions


@@ -104,7 +104,7 @@ action = iptables-allports[name=fusionpbx-mac, protocol=all]
# sendmail-whois[name=fusionpbx-mac, dest=root, sender=fail2ban@example.org] #no smtp server installed
maxretry = 5
findtime = 300
bantime = -1
bantime = 86400
[nginx-404]
enabled = true
@@ -120,12 +120,12 @@ maxretry = 120
[nginx-dos]
# Based on apache-badbots but a simple IP check (any IP requesting more than
# 240 pages in 60 seconds, or 4p/s average, is suspicious)
enabled = true
enabled = false
port = 80,443
protocol = tcp
filter = nginx-dos
logpath = /var/log/nginx/access*.log
action = iptables-allports[name=nginx-dos, protocol=all]
findtime = 60
bantime = -1
bantime = 86400
maxretry = 240
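Review bot: In the second hunk `[nginx-dos]` is switched off with `enabled = false`, but the comment above it still describes an active rate check and nothing in the file records why the jail is off. While the jail is disabled, the new `bantime = 86400` in the same section has no effect, so this jail now provides no request-rate ban at all rather than a shorter one. If the concern is the one in the commit message (FusionPBX auto-refresh tripping the limit), consider keeping the jail enabled with the finite ban time and a higher `maxretry`. At minimum, add a comment above the key such as `# disabled: FusionPBX auto-refresh can exceed this rate and ban legitimate users`, so the next operator knows what to check before re-enabling it.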