2013-12-28 22:28:11 +00:00
|
|
|
# Fail2Ban apache-modsec filter
|
|
|
|
#
|
|
|
|
|
|
|
|
[INCLUDES]
|
|
|
|
|
|
|
|
# Read common prefixes. If any customizations available -- read them from
|
|
|
|
# apache-common.local
|
|
|
|
before = apache-common.conf
|
|
|
|
|
|
|
|
[Definition]
|
|
|
|
|
|
|
|
|
2016-11-28 10:28:27 +00:00
|
|
|
failregex = ^%(_apache_error_client)s ModSecurity:\s+(?:\[(?:\w+ \"[^\"]*\"|[^\]]*)\]\s*)*Access denied with code [45]\d\d
|
2013-12-28 22:28:11 +00:00
|
|
|
|
|
|
|
ignoreregex =
|
|
|
|
|
|
|
|
# https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats
|
|
|
|
# Author: Daniel Black
|
2016-11-28 10:28:27 +00:00
|
|
|
# Sergey G. Brester aka sebres (review, optimization)
|