From 1877d319689ba7fb4ab0027841991b3bf9a1c4f0 Mon Sep 17 00:00:00 2001 From: SubINaclS Date: Wed, 3 Jun 2026 22:26:12 +0000 Subject: [PATCH] Add techniques/fail2ban/howto_rate_limit_fail2ban.md --- .../fail2ban/howto_rate_limit_fail2ban.md | 55 +++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 techniques/fail2ban/howto_rate_limit_fail2ban.md diff --git a/techniques/fail2ban/howto_rate_limit_fail2ban.md b/techniques/fail2ban/howto_rate_limit_fail2ban.md new file mode 100644 index 0000000..952211f --- /dev/null +++ b/techniques/fail2ban/howto_rate_limit_fail2ban.md @@ -0,0 +1,55 @@ +# Rate Limiting and Fail2Ban Deployment Guide (nginx, Apache, Fail2Ban) + +The Church of Malware (CoM) does not condone the use or introduction of bans onto any individual, human, or animal; however, AI is neither natural, a human, nor actual intelligence. This focused installation and configuration tutorial provides complete, production-ready steps for built-in rate limiting and automatic banning with Fail2Ban. It covers nginx, Apache, and Fail2Ban integration with the aggressive-bot UA list. + +## 1. nginx Rate Limiting (Built-in) + +```nginx +limit_req_zone $binary_remote_addr zone=ai_limit:10m rate=1r/s; + +server { + location / { + limit_req zone=ai_limit burst=5 nodelay; + } +} +``` + +## 2. Apache Rate Limiting (mod_ratelimit) + +```apache + + SetOutputFilter RATE_LIMIT + RateLimit 10K + +``` + +## 3. Fail2Ban Configuration + +```ini +# /etc/fail2ban/jail.local +[anubis-tarpit] +enabled = true +filter = anubis-tarpit +logpath = /var/log/nginx/ai_violators.log +maxretry = 5 +bantime = 86400 +``` + +Filter example (`/etc/fail2ban/filter.d/anubis-tarpit.conf`): + +```ini +[Definition] +failregex = ^ - .* "GET /tarpit/.*" 200 +``` + +## 4. Integration with Aggressive-Bot Map + +Use the same `map` or `SetEnvIf` from the Anubis and Nepenthes guides so rate limiting and Fail2Ban only apply to known violators. + +## 5. Testing + +```bash +curl -I -A "GPTBot/1.0" https://example.com/ # rate limited or banned after retries +``` + +*Companion to the Anubis and Nepenthes how-to documents.* \ No newline at end of file