mirror of https://github.com/fail2ban/fail2ban
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 lines
984 B
38 lines
984 B
# Fail2Ban filter to block web requests for stuff that doesn't exist
|
|
#
|
|
# This is normally a predefined list of exploitable or valuable web services
|
|
# that are hidden or aren't actually installed.
|
|
#
|
|
|
|
[INCLUDES]
|
|
|
|
# overwrite with apache-common.local if _apache_error_client is incorrect.
|
|
before = apache-common.conf
|
|
|
|
[Definition]
|
|
|
|
failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): <webroot><block>(, referer: \S+)?\s*$
|
|
|
|
ignoreregex =
|
|
|
|
|
|
[Init]
|
|
|
|
# Webroot represents the webroot on which all other files are based
|
|
webroot = /var/www/
|
|
# Block is the actual non-found directories to block
|
|
block = (<webmail>|<phpmyadmin>|<wordpress>)[^,]*
|
|
|
|
# These are just convient definitions that assist the blocking of stuff that
|
|
# isn't installed
|
|
webmail = roundcube|mail|horde|webmail
|
|
|
|
phpmyadmin = (typo3/|xampp/|admin/|)(pma|(php)?[Mm]y[Aa]dmin)
|
|
|
|
wordpress = wp-(login|signup)\.php
|
|
|
|
|
|
# DEV Notes:
|
|
#
|
|
# Author: Daniel Black
|