• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved Can't configure Fail2ban for Nginx Auth

Miguel Nunes

Miguel Nunes

New Pleskian
I have a website which uses the authentication provided by the protected directory setting and I am using Nginx fully. There are no fail2ban jails for Nginx so I decided to create one.

This is what I did:

Created a Jail Filter named "nginx-auth":
Code: 
[Definition]
failregex = no user/password was provided for basic authentication.*client: <HOST>
    user .* was not found in.*client: <HOST>
    user .* password mismatch.*client: <HOST>
ignoreregex = </host></host></host>

Then created the Jail and named it "nginx-auth":

Code: 
[nginx-auth]
enabled = true
filter = nginx-auth
action = iptables-multiport[name="nginxauth", port="http,https", protocol="tcp"]
logpath = /var/www/vhosts/system/*/logs/error_log
/var/log/httpd/*error_log
maxretry = 3

I am looking for errors in the log with

Code: 
# tail -f /var/www/vhosts/system/site.domain.tld/logs/error_log

But when the browser authentication pops up and I enter wrong login information, nothing happens. After 3 failed attempts, it's still going.

What could be wrong? I am not using Plesk's Firewall extension because my host has it's own firewall but Iptables is enabled.
 
It was the log path which was set to look for Apache's error logs instead of Nginx's.

Should be this:

Code: 
/var/www/vhosts/system/*/logs/proxy_error_log
/var/log/nginx/*error.log
 
You must log in or register to reply here.

Similar threads

wakabayashi
Resolved Fail2Ban - Postfix not working for SASL (bug?)
Replies
4
Views
2K
mizar
mizar
TimReeves
Fail2Ban Jail needed for /var/log/sw-cp-server/error_log
Replies
5
Views
7K
roon
R
andreios
Issue Fail2ban WordPress login detection doesn't work and fail2ban couldn't be configured trough Plesk
Replies
2
Views
975
andreios
andreios
F
Question User Registration and Authentication
Replies
2
Views
1K
fayer
F
A
Question Plesk Admin - Bad Bot protection
Replies
4
Views
512
Alban Staehli
A
Back
Top