From bd74f7ba8b3f706d0107f3065ea7d6fc3aee534f Mon Sep 17 00:00:00 2001
From: benrubson <ben.rubson@gmail.com>
Date: Wed, 4 Apr 2018 00:20:58 +0200
Subject: [PATCH] Detect Apache SNI error / misredirect attempts, typos

---
 config/filter.d/apache-auth.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/filter.d/apache-auth.conf b/config/filter.d/apache-auth.conf
index 35911745..b7aa8b30 100644
--- a/config/filter.d/apache-auth.conf
+++ b/config/filter.d/apache-auth.conf
@@ -24,7 +24,7 @@ failregex = ^client (?:denied by server configuration|used wrong authentication
             ^%(auth_type)sunknown algorithm `(?:[^']*|.*?)' received\b
             ^invalid qop `(?:[^']*|.*?)' received\b
             ^%(auth_type)sinvalid nonce .*? received - user attempted time travel\b
-            ^Hostname .* provided via SNI(, but no hostname| and hostname .*) provided\b
+            ^Hostname \S+ provided via SNI(?:, but no hostname| and hostname \S+) provided\b
             ^No hostname was provided via SNI for a name based virtual host\b
 
 ignoreregex =