fail2ban-config/jail.d/custom.conf

[DEFAULT]
bantime.increment    = true
bantime.rndtime      = 30m
bantime.maxtime      = 60d
bantime.factor       = 2
bantime.formula      = ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)
bantime.overalljails = true
#banaction = iptables-multiport
banaction =ufw
action = %(action_)s
#chain = input
chain = INPUT

maxretry = 3
bantime = 3h
findtime = 10m
ignoreip = 127.0.0.1 173.212.248.254 217.160.175.146 38.242.192.137




destemail = jgv1404@gmail.com danielhg1285@gmail.com
sender = fail2ban@ctcon.appollo.cloud
sendername = Fail2Ban Nginx Scanner Alert
mta = sendmail

[recidive]
enabled   = true
bantime   = 9w
findtime  = 3d
backend = systemd

[sshd]
enabled = true
port = 9022
banaction = iptables-multiport
logpath = /var/log/auth.log
filter = sshd
backend = systemd

[nginx-botsearch]
enabled  = true
filter   = nginx-botsearch
logpath  = /var/log/nginx/access.log
port     = http,https
maxretry = 6
findtime = 120
bantime  = 1h
backend  = polling


[nginx-limit-req]
enabled  = true
filter   = nginx-limit-req
logpath  = /var/log/nginx/error.log
port     = http,https
maxretry = 5
findtime = 60
bantime  = 30m
backend  = polling

[nginx-bad-request]
enabled  = true
filter   = nginx-bad-request
logpath  = /var/log/nginx/access.log
port     = http,https
maxretry = 3
findtime = 300
bantime  = 2h
backend  = polling

[nginx-http-auth]
enabled  = false
filter   = nginx-http-auth
logpath  = /var/log/nginx/error.log
port     = http,https
maxretry = 5
findtime = 600
bantime  = 1h
backend  = polling

[nginx-scan-params]
enabled  = true
filter   = nginx-scan-params
logpath  = /var/log/nginx/access.log
port     = http,https
maxretry = 2
findtime = 120
bantime  = 6h
backend  = polling
action = %(action_mwl)s