updated and condensed fail2ban docs

README.md

@@ -93,28 +93,17 @@ This pattern is inspired by [fail2ban](http://www.fail2ban.org/wiki/index.php/Ma
 See the [fail2ban documentation](http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Jail_Options) for more details on
 how the parameters work.
 
-    # Block requests from IP addresses that misbehave
+    # Block requests from IP addresses that misbehave.
+    # Allow up to 3 bad requests within 10 minutes, then ban the IP for 5 minutes if exceeded
     Rack::Attack.blacklist('fail2ban pentesters') do |req|
       # `filter` returns truthy value if request fails, or if it's from a previously banned IP
       # this causes `blacklist` to block the request
-      Rack::Attack::Fail2Ban.filter("pentest",                  # namespace for cache key
+      Rack::Attack::Fail2Ban.filter(req.ip, :maxretry => 3, :findtime => 10.minutes, :bantime => 5.minutes) do
-                                    req.ip,                     # count matching requests based on IP
-                                    :maxretry => 3,             # allow up to 3 bad requests...
-                                    :findtime => 10.minutes,    # to occur within 10 minutes...
-                                    :bantime => 5.minutes) do   # and ban the IP address for 5 minutes if exceeded
         # if block is truthy, the count for the IP is incremented
         CGI.unescape(req.query_string) =~ %r{/etc/passwd} 
       end
-
     end
 
-
-Rack::Attack.blacklist('pentest') do |request|
-  Rack::Attack::Fail2Ban.filter('pentest', request.ip, bantime: 10.minutes, findtime: 10.minutes, maxretry: 3) do
-    RACK_ATTACK_DIE_PEN_TESTER_TESTS.any?{|test| test.(request)}
-  end
-end
-
 ### Throttles
 
     # Throttle requests to 5 requests per second per ip