mirror of https://github.com/fail2ban/fail2ban
ENH: apache modsecurity from 0.9 branch
parent
6666f41ee6
commit
c074773805
|
@ -46,6 +46,7 @@ ver. 0.8.12 (2013/12/XX) - things-can-only-get-better
|
|||
|
||||
Daniel Black
|
||||
* filter.d/solid-pop3d -- added thanks to Jacques Lav!gnotte on mailinglist.
|
||||
* Add filter for apache-modsecurity
|
||||
Bas van den Dikkenberg & Steven Hiscocks
|
||||
* filter.d/nsd.conf -- also amended Unix date template to match nsd format
|
||||
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
# Fail2Ban apache-modsec filter
|
||||
#
|
||||
|
||||
[INCLUDES]
|
||||
|
||||
# Read common prefixes. If any customizations available -- read them from
|
||||
# apache-common.local
|
||||
before = apache-common.conf
|
||||
|
||||
[Definition]
|
||||
|
||||
|
||||
failregex = ^%(_apache_error_client)s ModSecurity: (\[.*?\] )*Access denied with code [45]\d\d.*$
|
||||
|
||||
ignoreregex =
|
||||
|
||||
# https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats
|
||||
# Author: Daniel Black
|
|
@ -187,6 +187,17 @@ logpath = /var/log/apache*/*error.log
|
|||
maxretry = 6
|
||||
|
||||
|
||||
[apache-modsecurity]
|
||||
|
||||
enabled = false
|
||||
filter = apache-modsecurity
|
||||
action = iptables-multiport[name=apache-modsecurity,port="80,443"]
|
||||
logpath = /var/log/apache*/*error.log
|
||||
/home/www/myhomepage/error.log
|
||||
maxretry = 2
|
||||
|
||||
|
||||
[nginx-http-auth]
|
||||
[nginx-http-auth]
|
||||
|
||||
enabled = false
|
||||
|
|
Loading…
Reference in New Issue