Hi there
Which nginx no-proxy filter are you using? I know of one floating around
on tutorials but it's not official and it does not even work either so I
am guessing that's the one you might have. There is not one I know of
included with Fail2Ban.
Just do a manual test to actually know if your Nginx is actually an open
proxy or not.
Run a curl like this:
curl --proxy http://www.yoursite.com:80 http://www.google.com
curl --proxy http://www.yousite.com:8080 http://www.google.com
You should get a 400 error from Nginx. If you don't then rather fix that
problem than worrying about a Fail2Ban filter trying to detect it.
You don't want your server being involved as a middle man in phishing or
scams.
Kind Regards
Mitch
On 2016/07/05 8:57 AM, gurabli wrote:
Hi,
I have nginx running on my home server, and recently I installed
fail2ban, and configured (among others) the noproxy jail. Since then,
I daily get a notification that Chinese IP is blocked by the norpoxy
filter.
I tried to get more information about the noproxy, but I couldn't find
anything that I understand. What are these users actually want to
achieve and use my server for that fail2ban successfully bans?
If I do not use fail2ban, what would they able to do with my server in
terms of this noproxy? I have authentication enables, if that matters
anything in case of proxy attack.
I set the max retries to 0 and ban to one week, and I also use GeoIP
blocking (it works, but for some reason it doesn't block by default
these Chinese IP's for noproxy), and I also added the IP range as deny
to nginx from where the noproxy attacks originated.
Many thanks!
gurabli
------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
