diff --git a/debian/jail.conf b/debian/jail.conf
index 1169bbb0..ce9c7eb1 100644
--- a/debian/jail.conf
+++ b/debian/jail.conf
@@ -109,6 +109,15 @@ port = anyport
 logpath = /var/log/auth.log
 maxretry = 6
+[xinetd-fail]
+
+enabled = false
+filter = xinetd-fail
+port = all
+banaction = iptables-multiport-log
+logpath = /var/log/daemon.log
+maxretry = 2
+
 [ssh-ddos]
@@ -127,7 +136,7 @@ maxretry = 6
 enabled = false
 port = http,https
 filter = apache-auth
-logpath = /var/log/apache*/*access.log
+logpath = /var/log/apache*/*error.log
 maxretry = 6
 # default action is now multiport, so apache-multiport jail was left
@@ -137,7 +146,7 @@ maxretry = 6
 enabled = false
 port = http,https
 filter = apache-auth
-logpath = /var/log/apache*/*access.log
+logpath = /var/log/apache*/*error.log
 maxretry = 6
 [apache-noscript]
@@ -148,6 +157,14 @@ filter = apache-noscript
 logpath = /var/log/apache*/*error.log
 maxretry = 6
+[apache-overflows]
+
+enabled = false
+port = http,https
+filter = apache-overflows
+logpath = /var/log/apache*/*error.log
+maxretry = 2
+
 #
 # FTP servers
 #
@@ -226,12 +243,21 @@ logpath = /var/log/mail.log
 # DNS Servers
-# Mention: by default logging is off with bind installation.
-# Need smth like
+
+# These jails block attacks against named (bind9). By default, logging is off
+# with bind9 installation. You will need something like this:
+#
 # logging {
-# channel security_file { file "/var/log/named/security.log" versions 3 size 30m; severity dynamic; print-time yes; };
-# category security { security_file; };
+# channel security_file {
+# file "/var/log/named/security.log" versions 3 size 30m;
+# severity dynamic;
+# print-time yes;
+# };
+# category security {
+# security_file;
+# };
 # }
+#
 # in your named.conf to provide proper logging
 # Word of Caution:
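Review bot: The new `[xinetd-fail]` jail writes `port = all`, while the jail directly above it — visible in the hunk header as `port = anyport` — spells the same "every port" intent differently, so the file now has two conventions and whichever one the action does not special-case will be substituted verbatim. Whether `all` works depends on how `iptables-multiport-log` expands `<port>`; if it ends up in a `--dports` argument, iptables' multiport match will not accept it, so confirm the action handles that value or align on the spelling the rest of the file uses. Both this jail and `[apache-overflows]` in the later hunk (@@ -148) set `maxretry = 2` against the 6 used by every neighbouring jail, with no comment explaining the lower threshold; a one-line `#` comment above each `maxretry = 2` stating why a faster ban is appropriate there would stop a later editor from "normalising" it back to 6. Both jails ship `enabled = false`, so these settings are inert until an administrator turns them on, which is exactly when the missing rationale will matter.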
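Review bot: The same one-line logpath fix is applied to two jails that, within the visible context, are otherwise identical (`filter = apache-auth`, `port = http,https`, `maxretry = 6`) — this hunk (@@ -127) and the next (@@ -137); the section headers of both lie above their hunks, and only the trailing comment `# default action is now multiport, so apache-multiport jail was left` hints that the second is a retained alias. A comment above the duplicate such as `# identical to the apache-auth jail above; retained so existing configs that enable it keep working` would make the pairing explicit and keep future edits applied to both. The reason for switching from `*access.log` to `*error.log` is also worth recording next to the new value, e.g. `# apache-auth expects the error log, not the access log`; that wording is inferred from the change itself, so confirm it against the filter's regex before committing to it.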