[nginx-noscript]
enabled = true
port = http,https
filter = nginx-noscript
logpath = /var/log/nginx/access.log
maxretry = 6
It is advised to not enable [nginx-noscript] jail, if server is running scripts. What are the types of scripts in this case?
Take a look at the failregex definition for the nginx-noscript filter. You can typically find filters in /etc/fail2ban/filter.d/.
Example:
cat /etc/fail2ban/filter.d/nginx-noscript.conf
You may see something like this, which would restrict access to .php, .asp, .exe, .pl, .cgi, and .scgi files:
# Noscript filter /etc/fail2ban/filter.d/nginx-noscript.conf:
[Definition]
failregex = ^<HOST> -.*GET.*(\.php|\.asp|\.exe|\.pl|\.cgi|\.scgi)
ignoreregex =
