stephanethomas/apache-ddos.conf

## apache-ddos.conf
# Fail2Ban configuration file
#
# 93.114.132.34 - - [27/Apr/2012:09:50:55 +0200] "GET / HTTP/1.1" 200 3241 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
# sd-31638.dedibox.fr:80 193.33.237.205 - - [26/Apr/2012:13:27:46 +0200] "GET /db/main.php HTTP/1.0" 403 249 "-" "-"
#

[Definition]

# Option:  failregex
# Notes.:  regex to match any GET entry in the logfile, so basically all valid
#          and not valid entries are a match. You should setup the maxretry and
#          findtime carefully in order to avoid false positives.
# Values:  TEXT
#
failregex = ^(?:[a-zA-Z0-9.-]+:\d+ )?<HOST> .*\"GET
	# Fail2Ban configuration file
	#
	# 93.114.132.34 - - [27/Apr/2012:09:50:55 +0200] "GET / HTTP/1.1" 200 3241 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
	# sd-31638.dedibox.fr:80 193.33.237.205 - - [26/Apr/2012:13:27:46 +0200] "GET /db/main.php HTTP/1.0" 403 249 "-" "-"
	#

	[Definition]

	# Option: failregex
	# Notes.: regex to match any GET entry in the logfile, so basically all valid
	# and not valid entries are a match. You should setup the maxretry and
	# findtime carefully in order to avoid false positives.
	# Values: TEXT
	#
	failregex = ^(?:[a-zA-Z0-9.-]+:\d+ )?<HOST> .*\"GET