first step in protecting against crawlers

2026-03-05 21:27:59 -07:00 · 2026-03-05 21:27:59 -07:00 · 51d09b08d5
commit 51d09b08d5
parent 796428cbda
2 changed files with 10 additions and 0 deletions
--- a/roles/fail2ban/files/filter.d/caddy-crawler.conf
+++ b/roles/fail2ban/files/filter.d/caddy-crawler.conf
@ -0,0 +1,2 @@
+[Definition]
+failregex = .*"remote_ip":"<HOST>".*
--- a/roles/fail2ban/files/jail.d/caddy.conf
+++ b/roles/fail2ban/files/jail.d/caddy.conf
@ -14,3 +14,11 @@ filter = caddy-auth
 maxretry = 40
 findtime = 10m
 bantime = 1h
+
+[caddy-crawler]
+enabled = true
+journalmatch = CONTAINER_NAME=caddy
+filter = caddy-crawler
+maxretry = 200
+findtime = 1m
+bantime = 6h