Last active
August 29, 2015 14:27
-
-
Save juliojsb/a18456269c442cec015a to your computer and use it in GitHub Desktop.
Added regex "^.*\[client <HOST>\] ModSecurity:" to /etc/fail2ban/filter.d/apache-modsecurity.conf filters of fail2ban
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fail2Ban apache-modsec filter | |
| # | |
| [INCLUDES] | |
| # Read common prefixes. If any customizations available -- read them from | |
| # apache-common.local | |
| before = apache-common.conf | |
| [Definition] | |
| failregex = ^%(_apache_error_client)s ModSecurity: (\[.*?\] )*Access denied with code [45]\d\d.*$ | |
| ^.*\[client <HOST>\] ModSecurity: | |
| ignoreregex = | |
| # https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats | |
| # Author: Daniel Black |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment