Seite 1 von 1

apache-noscript.conf

Verfasst: Mo 11. Apr 2016, 19:38
von THE-AB
System:
Debian Jessie
Fail2Ban v0.8.13

/etc/fail2ban/jail.conf

Code: Alles auswählen

[apache-noscript]
enabled = true
port    = http,https
filter  = apache-noscript
logpath = /var/log/apache2/error.log
maxretry = 1

/etc/fail2ban/filter.d/apache-noscript.conf

Code: Alles auswählen

# Fail2Ban configuration file
#
#
#

[Definition]

# Option:  failregex
# Notes.:  regex to match the password failure messages in the logfile. The
#          host must be matched by a group named "host". The tag "<HOST>" can
#          be used for standard IP/hostname matching and is only an alias for
#          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values:  TEXT
#
failregex = ^\[.*]* \[client <HOST>:[0-9]+\] script '/\S*(\php|\php4|\php5|\php-cgi|\php.cgi|\.php|\.asp|\.exe|\.pl)\S*' not found or unable to stat *$
			^\[.*]* \[client <HOST>:[0-9]+\] script not found or unable to stat:           


# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =