Resource Nginx Reverse Proxy + Mod Security WAF + fail2ban + geoip2 - XtreamUI | Streamcreed [Deleted]

[sbarboff]

sbarboff submitted a new resource:

Nginx Reverse Proxy + Mod Security WAF + fail2ban + geoip2 - streamcreed, xtream ui proxy

Reverse proxy for streamcreed / Xtream UI

Proxy Install v1.0
OS Ubuntu 20.04 LTS Server
Register for free to get accountID and licenseKEY fro geoip2 lite at : https://dev.maxmind.com/geoip/geolite2-free-geolocation-data?lang=en


- Nginx , Mod Security , Fail2ban , Mariadb for store ip banned ( next version whit webadmin ).
- Block User Agent -> /etc/nginx/useragent.rules
- Block ISP -> /etc/nginx/block_isp.conf
- Block ASN Number -> /etc/nginx/block_asn.conf
- Country...

Read more about this resource...

 

[jose123]

Is it working? Good to install?

 

[sbarboff]

yes working, for problem send message in this forum.

 

[mroz]

for what is that?

 

[sbarboff]

reverse proxy for protect main server streamcreed / Xtream UI .

 

[jose123]

prevents blocking by the operator?

 

[sbarboff]

- Nginx , Mod Security , Fail2ban , Mariadb for store ip banned ( next version whit webadmin ).
- Block User Agent -> /etc/nginx/useragent.rules
- Block ISP -> /etc/nginx/block_isp.conf
- Block ASN Number -> /etc/nginx/block_asn.conf
- Country Whitelist -> /etc/nginx/country_whitelist.conf ( Default block all country ) ( possibility to block for example US country but exclude some ip/range from US ( https://it.wikipedia.org/wiki/ISO_3166-1_alpha-2 )
- IP Whitelist for exclusion to req_limit zone -> /etc/nginx/ip_whitelist.conf
- SQL Injection prevention
- Ip Whitelist for exclusion to fail2ban -> /etc/fail2ban/jail.local find line :

 

[NullZ]

Very beautiful and interesting work, worth trying

 

[Drewey73]

Is this just for main server or also lb servers

 

[sbarboff]

Is this just for main server or also lb servers

main server

 

[akawi11]

checked
is great to protect main, not streaming port, for streaming port need to remove blocks all 4XX

 

[shitping]

hi

Very nice script
Best way to check database Mariadb for store ip banned ?

 

[sbarboff]

hi

Very nice script
Best way to check database Mariadb for store ip banned ?

I'm writing a small web interface where you can manage everything.

to see now who is banned use the iptables command:

iptables -L

 

[sbarboff]

installer update - fix wrong variable on install fail2ban nginx-4xx

=> ui coming soon

 

[shitping]

How to use 2 or more port, lets say 25461 and 25463

 

[sbarboff]

How to use 2 or more port, lets say 25461 and 25463

add second listen port in nginx.conf :


listen 25461;
listen 25463;

 

[shitping]

add second listen port in nginx.conf :


listen 25461;
listen 25463;

yes i know that, but what about jail.local

[nginx-req-limit]

enabled = true
filter = nginx-req-limit
action = iptables-multiport[name=ReqLimit, port="25461", port="25463", protocol=tcp]
banned_db[name=ReqLimit, port="25461", port="25463", protocol=tcp]
logpath = /var/log/nginx/*error.log
findtime = 600
bantime = 7200
maxretry = 10

[nginx-4xx]
enabled = true
port = http,https
action = iptables-multiport[name=nginx-4xx, port="25461", port="25463", protocol=tcp]
banned_db[name=ReqLimit, port="25461", port="25463", protocol=tcp]
logpath = /var/log/nginx/access.log
findtime = 600
maxretry = 10
bantime = 7200


[DEFAULT]
ignoreip = 127.0.0.1/8 10.0.0.0/8 192.168.0.0/16 172.16.0.0/16

is this the right way to do it? And is there other config i have to edit?

 

[sbarboff]

try :


action = iptables-multiport[name=nginx-4xx, port="25461,25463", protocol=tcp]
banned_db[name=ReqLimit, port="25461,25463", protocol=tcp]

 

[thugthug]

Content like this should have more accessibility, but in fact you deserve to receive something for bringing good content to the community, unfortunately I don't think I'll ever be able to buy this content here on the forum, so I'll try to do at least a little bit of this using google, congratulations on the content .

 

[goldenmedia]

try :


action = iptables-multiport[name=nginx-4xx, port="25461,25463", protocol=tcp]
banned_db[name=ReqLimit, port="25461,25463", protocol=tcp]

hy mate how to use it i install it on new fresh ubuntu 20 and how to use it now ?