/etc/fail2ban/filter.d/apache-deepurls.conf to block "deep path" requests attacking apache2
| # Fail2Ban configuration file | |
| # 詳見: 「fail2ban: 新手老手 root 網管都要練的金鐘罩」 | |
| # http://newtoypia.blogspot.tw/2016/04/fail2ban.html | |
| # | |
| # Author: Chao-Kuei Hung | |
| # | |
| # $Revision: 1 $ | |
| # | |
| [Definition] | |
| # Option: failregex | |
| # Notes.: Regexp to catch Apache overflow attempts. | |
| # Values: TEXT | |
| # | |
| failregex = <HOST>.*GET\s+(/[^/\s]*){9} | |
| #failregex = [[]client <HOST>[]] | |
| # Option: ignoreregex | |
| # Notes.: regex to ignore. If this regex matches, the line is ignored. | |
| # Values: TEXT | |
| # | |
| ignoreregex = |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment