fail2ban example jail and filter (joplin server)

fail2ban jail and filter example

/etc/fail2ban/jail.d/joplin-403-sessions.conf

[joplin-403-sessions]
enabled = true
port = http,https
filter = joplin-403-sessions
action = iptables-multiport[name=joplin-403-sessions, port="http,https", protocol=tcp]
         sendmail-whois-lines[name=joplin-403-sessions, dest=postmaster@example.com, sender=fail2ban@example.com, logpath=/var/log/nginx/joplin.access.log]
logpath = /var/log/nginx/joplin.access.log
maxretry = 3
findtime = 1m
bantime = 3600
ignoreip = 127.0.0.1/8

/etc/fail2ban/filter.d/joplin-403-sessions.conf

[Definition]
failregex = ^<HOST> - .* "(GET|POST) /api/sessions.*" 403
ignoreregex =