From fa733107ba60b0984ce4e244d8f9c9e901b8cf45 Mon Sep 17 00:00:00 2001
From: ilyamak04 <makilya04@gmail.com>
Date: Wed, 28 May 2025 20:51:18 +0300
Subject: [PATCH] ADD fail2ban

---
 docs/Other/fail2ban.md | 77 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)
 create mode 100644 docs/Other/fail2ban.md

diff --git a/docs/Other/fail2ban.md b/docs/Other/fail2ban.md
new file mode 100644
index 0000000..e70618e
--- /dev/null
+++ b/docs/Other/fail2ban.md
@@ -0,0 +1,77 @@
+### Установка
+
+```bash
+sudo apt update && sudo apt install fail2ban -y
+```
+### Настройка
+
+```bash
+# рекомендуется, но необязательно
+cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local 
+```
+
+- `vi /etc/fail2ban/jail.local`
+```bash
+[DEFAULT]
+ignoreip = 127.0.0.1/8 ::1
+
+[sshd]
+enabled = true
+port = 10001
+#Для Debian добавить:
+#backend = systemd
+# Если в течении 24 часов
+findtime = 86400
+# произведено 3 неудачных попытки логина,
+maxretry = 3
+# то банить IP навсегда.
+bantime = -1
+
+[nginx-bad-request]
+enabled = true
+port = http,https
+filter = nginx-bad-request
+logpath = /var/log/nginx/*access.log
+maxretry = 3
+findtime = 5m
+bantime = 24h
+
+[nginx-http-auth]
+enabled = true
+port = http,https
+filter = nginx-http-auth
+logpath = /var/log/nginx/*error.log
+maxretry = 3
+findtime = 5m
+bantime = 24h
+
+[nginx-botsearch]
+enabled = true
+port = http,https
+filter = nginx-botsearch
+logpath = /var/log/nginx/*access.log
+maxretry = 5
+findtime = 10m
+bantime = 24h
+
+[nginx-limit-req]
+enabled = true
+filter = nginx-limit-req
+logpath = /var/log/nginx/*error.log
+maxretry = 100
+findtime = 30
+bantime = 24h
+```
+
+- Проверка
+```bash 
+fail2ban-server -t
+fail2ban-client reload
+fail2ban-client status        
+fail2ban-client status sshd    # Статус защиты SSH
+fail2ban-client status nginx-bad-reauest
+fail2ban-client status nginx-botsearch
+fail2ban-client status nginx-http-auth
+fail2ban-client status nginx-limit-req
+tail -f /var/log/fail2ban.log 
+```
\ No newline at end of file