/etc/fail2ban/filter.d/apache-deepurls.conf to block "deep path" requests attacking apache2
# Fail2Ban configuration file | |
# 詳見: 「fail2ban: 新手老手 root 網管都要練的金鐘罩」 | |
# http://newtoypia.blogspot.tw/2016/04/fail2ban.html | |
# | |
# Author: Chao-Kuei Hung | |
# | |
# $Revision: 1 $ | |
# | |
[Definition] | |
# Option: failregex | |
# Notes.: Regexp to catch Apache overflow attempts. | |
# Values: TEXT | |
# | |
failregex = <HOST>.*GET\s+(/[^/\s]*){9} | |
#failregex = [[]client <HOST>[]] | |
# Option: ignoreregex | |
# Notes.: regex to ignore. If this regex matches, the line is ignored. | |
# Values: TEXT | |
# | |
ignoreregex = |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment