Hi,
I have nginx running on my home server, and recently I installed fail2ban,
and configured (among others) the noproxy jail. Since then, I daily get a
notification that Chinese IP is blocked by the norpoxy filter.
I tried to get more information about the noproxy, but I couldn't find
anything that I understand. What are these users actually want to achieve
and use my server for that fail2ban successfully bans?
If I do not use fail2ban, what would they able to do with my server in
terms of this noproxy? I have authentication enables, if that matters
anything in case of proxy attack.
I set the max retries to 0 and ban to one week, and I also use GeoIP
blocking (it works, but for some reason it doesn't block by default these
Chinese IP's for noproxy), and I also added the IP range as deny to nginx
from where the noproxy attacks originated.
Many thanks!
gurabli
------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
