fail2ban/config/filter.d/apache-noscript.conf

# Fail2Ban filter to block web requests for scripts (on non scripted websites)
#
#

[INCLUDES]

# overwrite with apache-common.local if _apache_error_client is incorrect.
before = apache-common.conf

[Definition]

failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): /\S*(\.php|\.asp|\.exe|\.pl)\s*$
            ^%(_apache_error_client)s script '/\S*(\.php|\.asp|\.exe|\.pl)\S*' not found or unable to stat\s*$

ignoreregex = 


# DEV Notes:
#
# https://wiki.apache.org/httpd/ListOfErrors for apache error IDs
#
# Second regex, script '/\S*(\.php|\.asp|\.exe|\.pl)\S*' not found or unable to stat\s*$ is Before http-2.2
#
# Author: Cyril Jaquier
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-30 13:02:59 +00:00			`# Fail2Ban filter to block web requests for scripts (on non scripted websites)`
- Added "apache-noscript" filter. Thanks to Pander git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@411 a942ae1a-1317-0410-a47c-b1dcaea8d605 2006-10-17 19:05:27 +00:00			`#`
			`#`

BF: anchor apache- filters. Close #248 See https://vndh.net/note:fail2ban-089-denial-service for more information 2013-06-11 18:56:25 +00:00			`[INCLUDES]`

DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-30 13:02:59 +00:00			`# overwrite with apache-common.local if _apache_error_client is incorrect.`
BF: anchor apache- filters. Close #248 See https://vndh.net/note:fail2ban-089-denial-service for more information 2013-06-11 18:56:25 +00:00			`before = apache-common.conf`

- Added "apache-noscript" filter. Thanks to Pander git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@411 a942ae1a-1317-0410-a47c-b1dcaea8d605 2006-10-17 19:05:27 +00:00			`[Definition]`

ENH: apache-2.4 message IDs for filter apache-noscript 2013-11-10 23:49:11 +00:00			`failregex = ^%(_apache_error_client)s ((AH001(28\|30): )?File does not exist\|(AH01264: )?script not found or unable to stat): /\S(\.php\|\.asp\|\.exe\|\.pl)\s$`
BF: anchor apache- filters. Close #248 See https://vndh.net/note:fail2ban-089-denial-service for more information 2013-06-11 18:56:25 +00:00			`^%(_apache_error_client)s script '/\S(\.php\|\.asp\|\.exe\|\.pl)\S' not found or unable to stat\s*$`
- Added option "ignoreregex" in filter scripts and jail.conf. Feature Request #1283304 git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@458 a942ae1a-1317-0410-a47c-b1dcaea8d605 2006-11-12 14:52:36 +00:00
- Defined default values in .conf. Should fix Debian bug #398758 git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@464 a942ae1a-1317-0410-a47c-b1dcaea8d605 2006-11-15 18:44:28 +00:00			`ignoreregex =`
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-30 13:02:59 +00:00

ENH: apache-2.4 message IDs for filter apache-noscript 2013-11-10 23:49:11 +00:00			`# DEV Notes:`
			`#`
			`# https://wiki.apache.org/httpd/ListOfErrors for apache error IDs`
			`#`
			`# Second regex, script '/\S(\.php\|\.asp\|\.exe\|\.pl)\S' not found or unable to stat\s*$ is Before http-2.2`
			`#`
DOC: in filters, put user relevant doc at top, and developer info at bottom, and remove all the repetative blindly copied stuff that appears in the jail man page 2013-10-30 13:02:59 +00:00			`# Author: Cyril Jaquier`