https://docs.mitigator.ru/v26.04/en/tags/nginx/ Recent content in Nginx on BIFIT Mitigator Hugo -- gohugo.io en https://docs.mitigator.ru/v26.04/en/integrate/fail2ban/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/integrate/fail2ban/ The following web server security configuration is described: Nginx module ngx_http_limit_req detects the excess of the request limit; fail2ban analyzes error.log, which Nginx uses to report on the excesses; IP is added to the list of blocked by MITIGATOR API. MITIGATOR API client There is a script mitigator.py (download) to manage MITIGATOR, in particular to temporarily block an IP address via the MITIGATOR API. If necessary, the script can be modified to perform any other actions on MITIGATOR. https://docs.mitigator.ru/v26.04/en/integrate/web-challenger/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/integrate/web-challenger/ Web Challenger (WebC) is a Docker container containing NGINX and an HTTP/HTTPS request processing module that works in tandem with the HCA countermeasure in MITIGATOR. Possibilities The HCA countermeasure redirects HTTP/HTTPS requests from unauthenticated IP addresses to WebC, where the sender is verified. If the verification is successful, the source IP address is added to the HCA’s authenticated table. HCA can also work with third-party L7 protection devices. Multiple packet processors can work with one WebC when working in a cluster. https://docs.mitigator.ru/v26.04/en/integrate/log-analyzer/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/integrate/log-analyzer/ Info The log analysis functionality is additionally licensed. Logan is a MITIGATOR functionality for analyzing logs of a protected Web server (HTTP, HTTPS), detecting anomalies and attacking addresses. Protected servers send their logs to the Logan using syslog RFC 3164 (UDP, TCP). Logan can be located on the same server as the rest of the MITIGATOR, or separately. Logan on MITIGATOR Instance The following steps assume that an instance of MITIGATOR has already been installed.