ansible-crxn-router/roles/fail2ban/templates/config

[DEFAULT]
ignoreip = 127.0.0.1 ::1
bantime = 24h
usedns = warn

[sshd]
enabled = true
port = 22
filter = sshd
maxretry = 5

{% if webserver is defined %}
{% if webserver.exts is defined %}
{% if "php" in webserver.exts %}
[php-url-fopen]
enabled = true
port = 80,443,8080
filter = php-url-fopen
logpath = /var/log/apache*/*access.log

{% endif %}
{% endif %}
{% if webserver.serv == "nginx" %}
[nginx-noscript]
enabled  = true
port     = http,https
filter   = nginx-noscript
logpath  = /var/log/nginx/access.log
maxretry = 6

[nginx-badbots]
enabled  = true
port     = http,https
filter   = nginx-badbots
logpath  = /var/log/nginx/access.log
maxretry = 2

[nginx-nohome]
enabled  = true
port     = http,https
filter   = nginx-nohome
logpath  = /var/log/nginx/access.log
maxretry = 2

[nginx-noproxy]
enabled  = true
port     = http,https
filter   = nginx-noproxy
logpath  = /var/log/nginx/access.log
maxretry = 2
{% elif webserver.serv == "apache" %}
[apache]
enabled = true
port = 80,443,8080
filter = apache-auth
logpath =  /var/log/apache*/*error.log
maxretry = 6

[apache-overflows]
enabled = true
port = 80,443,8080
filter = apache-overflows
logpath = /var/log/apache*/*error.log
maxretry = 2

[apache-badbots]
enabled = true
port = 80,443,8080
filter = apache-badbots
logpath = /var/log/apache*/*error.log
maxretry = 2

[apache-noscript]
enabled  = true
port     = 80,443
filter   = apache-noscript
logpath  = /var/log/apache*/*error.log
maxretry = 4

[apache-nohome]
enabled  = true
port     = 80,443
filter   = apache-nohome
logpath  = /var/log/apache*/*error.log
maxretry = 2

[apache-botsearch]
enabled  = true
port     = http,https
filter   = apache-botsearch
logpath  = /var/log/apache*/*error.log
maxretry = 2

[apache-shellshock]
enabled  = true
port     = 80,443
filter   = apache-shellshock
logpath  = /var/log/apache*/*error.log
maxretry = 2
{% endif %}
{% endif %}