#编辑文件
vi /etc/fail2ban/jail.loca
#写入以下内容
[DEFAULT]
ignoreip = 127.0.0.1/8
bantime = 600
findtime = 300
maxretry = 3
banaction = firewallcmd-ipset
action = %(action_mwl)s
[nginx-http-auth]
enabled = true
filter = nginx-http-auth
port = http,https
logpath = /www/wwwlogs/*error.log
#重启fail2ban
systemctl restart fail2ban
#观察
fail2ban-client status nginx-http-auth以上用得规则是自带的,如果没有自带规则
请参考
http://wiki.fnil.net/index.php?title=Fail2ban%E9%85%8D%E7%BD%AE
https://serverfault.com/questions/421046/how-to-limit-nginx-auth-basic-re-tries