如題
要處理兩個東西
1. 設定fail2ban的filter
# vi /etc/fail2ban/filter.d/xmlrpc.conf
貼入以下
[Definition]
failregex = ^<HOST> .*POST .*xmlrpc\.php.*
ignoreregex =
2.設定jail
# vi /etc/fail2ban/jail.local
貼入以下
[xmlrpc]
enabled = true
filter = xmlrpc
action = iptables[name=xmlrpc, port=http, protocol=tcp]
logpath = /var/log/nginx/access.log
bantime = 43600
maxretry = 2
3. 完成,重啟服務
# service fail2ban restart