Hi, everyone:
I've found some interesting settings in the nginx plugins, which is called "honeypot". If any ip had visited this location, the source ip will be added to the nginx_block_list, and that's a great feature.
But after some ips get blocked, there will be no access/error log in the webgui. How can I get the info about what the bad guys did? e.g. hostname, url, timestamp, action, etc.
Hi.
not for now - premanent ban log is deleted when processed by autoban script.
only the ban timestamp is available at Services: Nginx: Banned.
i think its a nice idea to add a choice for (a second) permanent ban log.
It should be possible to have to copies of logs, because I can read logs from webgui of OPNsense and syslog server at the same time.