使用 Fail2Ban 自動阻擋攻擊者

vi /etc/fail2ban/jail.local

加入

[nginx-http-auth]
enabled  = true
filter   = nginx-http-auth
action   = iptables[name=HTTP, port=http, protocol=tcp]
logpath  = /var/log/nginx/error.log
bantime  = 3600
findtime = 600
maxretry = 5

重新啟動服務

systemctl restart fail2ban

檢查當前被封的 IP

fail2ban-client status