fail2ban/config/filter.d/apache-modsecurity.conf

# Fail2Ban apache-modsec filter
#

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# apache-common.local
before = apache-common.conf

[Definition]


failregex = ^%(_apache_error_client)s(?: \[client [^\]]+\])? ModSecurity:\s+(?:\[(?:\w+ \"[^\"]*\"|[^\]]*)\]\s*)*Access denied with code [45]\d\d

ignoreregex = 

# https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats
# Author: Daniel Black
#         Sergey G. Brester aka sebres (review, optimization)
ENH: apache modsecurity from 0.9 branch 2013-12-28 22:28:11 +00:00			`# Fail2Ban apache-modsec filter`
			`#`

			`[INCLUDES]`

			`# Read common prefixes. If any customizations available -- read them from`
			`# apache-common.local`
			`before = apache-common.conf`

			`[Definition]`


updated 2018-10-04 17:34:33 +00:00			`failregex = ^%(_apache_error_client)s(?: \[client [^\]]+\])? ModSecurity:\s+(?:\[(?:\w+ \"[^\"]\"\|[^\]])\]\s)Access denied with code [45]\d\d`
ENH: apache modsecurity from 0.9 branch 2013-12-28 22:28:11 +00:00
			`ignoreregex =`

			`# https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats`
			`# Author: Daniel Black`
Update botsearch-common.conf (#1759) * Update botsearch-common.conf, apache-modsecurity.conf: typo and missing new-line 2017-04-26 18:14:39 +00:00			`# Sergey G. Brester aka sebres (review, optimization)`