Skip to content

Instantly share code, notes, and snippets.

Last active August 29, 2015 14:27
What would you like to do?
Added regex "^.*\[client <HOST>\] ModSecurity:" to /etc/fail2ban/filter.d/apache-modsecurity.conf filters of fail2ban
# Fail2Ban apache-modsec filter
# Read common prefixes. If any customizations available -- read them from
# apache-common.local
before = apache-common.conf
failregex = ^%(_apache_error_client)s ModSecurity: (\[.*?\] )*Access denied with code [45]\d\d.*$
^.*\[client <HOST>\] ModSecurity:
ignoreregex =
# Author: Daniel Black
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment