sudo apt install fail2ban
sudo systemctl enable fail2ban.service
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
nano /etc/fail2ban/filter.d/apache-custombots.conf
# Block all malicious bots
[Definition]
custombots = SemrushBot|AhrefsBot|Mb2345Browser|MegaIndex\.ru|MJ12bot|DotBot|Baiduspider|YandexBot|LieBaoFast|zh_CN|zh-CN|SeznamBot|trendictionbot|magpie-crawler|python-requests
failregex = ^<HOST> .*(GET|POST|HEAD).*(%(custombots)s).*$
ignoreregex =
datepattern = ^[^\[]*\[({DATE})
{^LN-BEG}
[apache-custombots]
enabled = true
port = http,https
filter = apache-custombots
logpath = %(apache_access_log)s
findtime = 3600
maxretry = 1
bantime = 24h
sudo systemctl restart fail2ban
sudo systemctl status fail2ban.service
fail2ban-regex /var/log/apache2/access.log /etc/fail2ban/filter.d/apache-custombots.conf
f2bstall() {
JAILS=($(fail2ban-client status | grep "Jail list" | sed -E 's/^[^:]+:[ \t]+//' | sed 's/,//g'))
for JAIL in ${JAILS[@]}
do
echo "--------------- 👀 JAIL STATUS: $JAIL ... ---------------"
fail2ban-client status $JAIL
echo "--------------- ... ---------------"
done
}
source ~/.bashrc
f2bstall