# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
# $Revision$
#

[Definition]

# Option:  maxretry
# Notes.:  number of failures before IP gets banned.
# Values:  NUM  Default:  5
#
maxretry = 5

# Option:  logfile
# Notes.:  logfile to monitor.
# Values:  FILE  Default:  /var/log/httpd/access_log
#
logfile = /var/log/httpd/access_log

# Option:  timeregex
# Notes.:  regex to match timestamp in Apache logfile. For TAI64N format,
#          use timeregex = @[0-9a-f]{24}
# Values:  [Wed Jan 05 15:08:01 2005]
# Default: \S{3} \S{3} \d{2} \d{2}:\d{2}:\d{2} \d{4}
#
timeregex = \S{3} \S{3} \d{2} \d{2}:\d{2}:\d{2} \d{4}

# Option:  timepattern
# Notes.:  format used in "timeregex" fields definition. Note that '%' must be
#          escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule).
#          For TAI64N format, use timepattern = tai64n
# Values:  TEXT  Default:  %%a %%b %%d %%H:%%M:%%S %%Y
#
timepattern = %%a %%b %%d %%H:%%M:%%S %%Y

# Option:  failregex
# Notes.:  regex to match the password failure messages in the logfile.
# Values:  TEXT  Default:  authentication failure|user .* not found
#
failregex = authentication failure|user .* not found