github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

filter.d/apache-auth.conf: joined some similar expressions

pull/1758/head
sebres 2017-04-24 15:32:44 +02:00
parent e35ed1cdf7
commit 507034c5be
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/filter.d/apache-auth.conf
View File

@ -14,10 +14,8 @@ prefregex = ^%(_apache_error_client)s (?:AH\d+: )?<F-CONTENT>.+</F-CONTENT>$
# auth_type = ((?:Digest|Basic): )? # auth_type = ((?:Digest|Basic): )?
auth_type = ([A-Z]\w+: )? auth_type = ([A-Z]\w+: )?
failregex = ^client denied by server configuration\b failregex = ^client (?:denied by server configuration|used wrong authentication scheme)\b
^user <F-USER>(?:\S*|.*?)</F-USER> auth(?:oriz|entic)ation failure\b ^user <F-USER>(?:\S*|.*?)</F-USER> (?:auth(?:oriz|entic)ation failure|not found|denied by provider)\b
^user <F-USER>(?:\S*|.*?)</F-USER> not found\b
^client used wrong authentication scheme\b
^Authorization of user <F-USER>(?:\S*|.*?)</F-USER> to access .*? failed\b ^Authorization of user <F-USER>(?:\S*|.*?)</F-USER> to access .*? failed\b
^%(auth_type)suser <F-USER>(?:\S*|.*?)</F-USER>: password mismatch\b ^%(auth_type)suser <F-USER>(?:\S*|.*?)</F-USER>: password mismatch\b
^%(auth_type)suser `<F-USER>(?:[^']*|.*?)</F-USER>' in realm `.+' (not found|denied by provider)\b ^%(auth_type)suser `<F-USER>(?:[^']*|.*?)</F-USER>' in realm `.+' (not found|denied by provider)\b