Skip to content

Instantly share code, notes, and snippets.

@ckhung
Last active April 15, 2016 01:32
Show Gist options
  • Save ckhung/a5710351b281c4bd079c7b38a692b9d6 to your computer and use it in GitHub Desktop.
Save ckhung/a5710351b281c4bd079c7b38a692b9d6 to your computer and use it in GitHub Desktop.
/etc/fail2ban/filter.d/apache-deepurls.conf to block "deep path" requests attacking apache2
# Fail2Ban configuration file
# 詳見: 「fail2ban: 新手老手 root 網管都要練的金鐘罩」
# http://newtoypia.blogspot.tw/2016/04/fail2ban.html
#
# Author: Chao-Kuei Hung
#
# $Revision: 1 $
#
[Definition]
# Option: failregex
# Notes.: Regexp to catch Apache overflow attempts.
# Values: TEXT
#
failregex = <HOST>.*GET\s+(/[^/\s]*){9}
#failregex = [[]client <HOST>[]]
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment