From 5b10cd660be4059759bb1667107002a4023be14a Mon Sep 17 00:00:00 2001
From: Meas <1107063+Measurity@users.noreply.github.com>
Date: Fri, 30 Aug 2024 22:57:31 +0200
Subject: [PATCH] Update config.md

Added note to add ", chain=DOCKER-USER" to the fail2ban jail action if using docker networks

By default, the jail action chain is "INPUT", but "FORWARD" is used when using docker networks. "DOCKER-USER", available when using docker, is part of the "FORWARD" chain. Hence the note to use "DOCKER-USER".
---
 docs/config.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/config.md b/docs/config.md
index 5fc1b6e5..293f08f1 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -1242,6 +1242,8 @@ and [here](https://easyengine.io/tutorials/nginx/block-wp-login-php-bruteforce-a
     maxretry = 10
     ```
 
+!!! info If you run nginx in a container, append `, chain=DOCKER-USER` to the jail.local action.
+
 ## Health checks
 A preliminary health check API endpoint is exposed at `/v1/health`. The endpoint returns a `json` response in the format shown below.
 If a non-200 HTTP status code is returned or if the returned `healthy` field is `false` the ntfy service should be considered as unhealthy.