From d84fb8a4b1111e2730a4e5d1adff3356e055d10f Mon Sep 17 00:00:00 2001
From: "Sergey G. Brester" <github@sebres.de>
Date: Thu, 21 Feb 2019 22:19:04 +0100
Subject: [PATCH] regex rewritten (more secure now, resolves catch-all vulni)

---
 config/filter.d/traefik-auth.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/filter.d/traefik-auth.conf b/config/filter.d/traefik-auth.conf
index 9a9b90a7..8321a138 100644
--- a/config/filter.d/traefik-auth.conf
+++ b/config/filter.d/traefik-auth.conf
@@ -51,6 +51,6 @@
 
 [Definition]
 
-failregex = ^<HOST> \- (?!- )\S+ \[\] \"(GET|POST|HEAD) .+\" 401 .+$
+failregex = ^<HOST> \- (?!- )\S+ \[\] \"(GET|POST|HEAD) [^\"]+\" 401\b
 
 ignoreregex =