2013-10-30 13:02:59 +00:00
|
|
|
# Fail2Ban filter to web requests for home directories on Apache servers
|
2008-10-13 14:37:25 +00:00
|
|
|
#
|
2013-10-30 13:02:59 +00:00
|
|
|
# Regex to match failures to find a home directory on a server, which
|
|
|
|
# became popular last days. Most often attacker just uses IP instead of
|
|
|
|
# domain name -- so expect to see them in generic error.log if you have
|
|
|
|
# per-domain log files.
|
2008-10-13 14:37:25 +00:00
|
|
|
|
2013-06-11 18:56:25 +00:00
|
|
|
[INCLUDES]
|
|
|
|
|
2013-10-30 13:02:59 +00:00
|
|
|
# overwrite with apache-common.local if _apache_error_client is incorrect.
|
2013-06-11 18:56:25 +00:00
|
|
|
before = apache-common.conf
|
|
|
|
|
2008-10-13 14:37:25 +00:00
|
|
|
[Definition]
|
|
|
|
|
2013-10-30 13:02:59 +00:00
|
|
|
|
2013-08-25 11:13:11 +00:00
|
|
|
failregex = ^%(_apache_error_client)s (AH00128: )?File does not exist: .*/~.*
|
2008-10-13 14:37:25 +00:00
|
|
|
|
|
|
|
ignoreregex =
|
2013-10-30 13:02:59 +00:00
|
|
|
|
|
|
|
# Author: Yaroslav O. Halchenko <debian@onerussian.com>
|