# enable filtering of nginx http auth.
[nginx-http-auth]
enabled  = true
filter   = nginx-http-auth
port     = http,https
logpath  = /var/log/nginx/error.log
bantime  = -1
findtime = 86400
maxretry = 3

# Invalid file / directory access attempts.
[nginx-no-file-directory]
enabled  = true
filter   = nginx-no-file-directory
port     = http,https
logpath  = /var/log/nginx/error.log
bantime  = -1
findtime = 86400
maxretry = 2

# Forbidden index access attempts.
[nginx-forbidden]
enabled  = true
filter   = nginx-forbidden
port     = http,https
logpath  = /var/log/nginx/error.log
bantime  = -1
findtime = 86400
maxretry = 2

# Ban repeated client errors.
[nginx-errors]
enabled  = true
filter   = nginx-errors
port     = http,https
logpath  = /var/log/nginx/access.log
bantime  = -1
findtime = 86400
maxretry = 2

# Ban clients looking for scripts.
[nginx-noscript]
enabled  = true
filter   = nginx-noscript
port     = http,https
logpath  = /var/log/nginx/access.log
bantime  = -1
findtime = 86400
maxretry = 6

# Ban known malicious bad bots.
[nginx-badbots]
enabled  = true
filter   = nginx-badbots
port     = http,https
logpath  = /var/log/nginx/access.log
bantime  = -1
findtime = 86400
maxretry = 2

# Ban requests for user home directories.
[nginx-nohome]
enabled  = true
filter   = nginx-nohome
port     = http,https
logpath  = /var/log/nginx/access.log
bantime  = -1
findtime = 86400
maxretry = 2

# Ban attempts to use as an open proxy.
[nginx-noproxy]
enabled  = true
filter   = nginx-noproxy
port     = http,https
logpath  = /var/log/nginx/access.log
bantime  = -1
findtime = 86400
maxretry = 2