From cce83b0c085d0667e7fbea3e24262f4f9072dc71 Mon Sep 17 00:00:00 2001
From: Sam <samual.shop@proton.me>
Date: Sun, 2 Mar 2025 23:07:58 +0000
Subject: [PATCH] fail2ban nginx-botsearch

---
 hosts/common/optional/fail2ban.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/hosts/common/optional/fail2ban.nix b/hosts/common/optional/fail2ban.nix
index 5811fcc..f8048f0 100644
--- a/hosts/common/optional/fail2ban.nix
+++ b/hosts/common/optional/fail2ban.nix
@@ -13,6 +13,7 @@
     enable = true;
     maxretry = 5;
     ignoreIP = [
+      "86.173.148.116"
     ];
     bantime-increment = {
       enable = true;
@@ -29,6 +30,15 @@
         bantime = 600;
         maxretry = 10;
       };
+      nginx-botsearch.settings = {
+        filter = "nginx-botsearch";
+        action = "iptables-allports";
+        logpath = "/var/log/nginx/access.log";
+        backend = "auto";
+        findtime = 600;
+        bantime = 86400;
+        maxretry = 3;
+      };
     };
   };
 }