Merge pull request #83 from niiknow/master

Misc fixes.

rootfs/etc/fail2ban/filter.d/nginx-4xx.conf

@@ -0,0 +1,11 @@
+# Fail2Ban filter for nginx request flood
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+failregex = ^<HOST> -.*"(GET|POST|HEAD).*HTTP.*" (400|401|403|404|444) .*$
+
+ignoreregex = .*(robots.txt|ico|jpg|jpeg|png|webp|gif|js|css|xml)

rootfs/etc/fail2ban/filter.d/nginx-limit-req.conf

@@ -6,8 +6,9 @@
 before = common.conf
 
 [Definition]
-failregex = ^ \[error\] \d+#\d+: .*limiting requests.*, client: <HOST>, server: \S+, request: "POST /xmlrpc.php.*$
-            ^ \[error\] \d+#\d+: .*limiting requests.*, client: <HOST>, server: \S+, request: .*$
+failregex = ^ \[error\] \d+#\d+: .*limiting requests.*, client: <HOST>, server: \S+, request: .*$
             ^ \[error\] \d+#\d+: .*access forbidden by.*, client: <HOST>, server: \S+, request: .*$
+            ^ \[error\] \d+#\d+: .*script unknown.*, client: <HOST>, server: \S+, request: .*$
+            ^ .* \[client <HOST>:\d+\] .*not found or unable to sta.*$
 
 ignoreregex = 

rootfs/etc/fail2ban/jail.new

@@ -96,22 +96,12 @@ findtime = 600
 maxretry = 10
 bantime  = 1200
 
-[nginx-404]
-enabled  = false
-action   = vesta[name=WEB]
-filter   = nginx-404
-logpath  = /var/log/apache2/domains/*.log
-# 20 errors 404 within 2 minutes, ban for 20 minutes
-findtime = 120
-maxretry = 20
-bantime  = 1200
-
-[nginx-403]
-enabled  = false
+[nginx-4xx]
+enabled  = true
 action   = vesta[name=WEB]
-filter   = nginx-403
+filter   = nginx-4xx
 logpath  = /var/log/apache2/domains/*.log
-# 20 errors 403 within 2 minutes, ban for 20 minutes
+# 20 of 4xx errors within 2 minutes, ban for 20 minutes
 findtime = 120
 maxretry = 20
 bantime  = 1200