You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
this is not really an installation issue per se but more like a question related about the synergy between tools such as fail2ban and crowdsec.
My understanding was that nginx ultimate bad bot blocker also contains a list of IPs which are somewhat up-to-date, is that the case or the main intention of the tool is to reject attacks mainly based on patterns/ua and leave the bad IPs as a secondary feature?
Are then fail2ban/crowdsec overkill against nginx logs?
The text was updated successfully, but these errors were encountered:
@maxdd - I always used UBBB with fail2ban (which was already detecting & blocking clients who generated too many bad 40x's)
I think the proper place for rate limiting requests is in the firewall (all web clients should behave nicely)
I prefer nftables firewalls as it's a single config for ipv4 / ipv6 & ipset functionality is built in.
Blocking bad ip's in ipsets at the nftables ingress level hook is a good choice for performance (i.e before packets traverse connection tracking & before prerouting) - requires kernel 5.10+ & nftables 0.9.7+
Hello,
this is not really an installation issue per se but more like a question related about the synergy between tools such as fail2ban and crowdsec.
My understanding was that nginx ultimate bad bot blocker also contains a list of IPs which are somewhat up-to-date, is that the case or the main intention of the tool is to reject attacks mainly based on patterns/ua and leave the bad IPs as a secondary feature?
Are then fail2ban/crowdsec overkill against nginx logs?
The text was updated successfully, but these errors were encountered: