mirror of https://github.com/fail2ban/fail2ban
29 lines
827 B
Plaintext
29 lines
827 B
Plaintext
# Fail2Ban filter to match web requests for selected URLs that don't exist
|
|
#
|
|
|
|
[Definition]
|
|
|
|
failregex = ^<HOST> \- \S+ \[\] \"(GET|POST) \/<block> \S+\" 404 .+$
|
|
^ \[error\] \d+#\d+: \*\d+ (\S+ )?\"\S+\" (failed|is not found) \(2\: No such file or directory\), client\: <HOST>\, server\: \S*\, request: \"(GET|POST) \/<block> \S+\"\, .*?$
|
|
|
|
ignoreregex =
|
|
|
|
|
|
[Init]
|
|
|
|
# Block is the actual non-found directories to block
|
|
block = \/?(<webmail>|<phpmyadmin>|<wordpress>|cgi-bin|mysqladmin)[^,]*
|
|
|
|
# These are just convient definitions that assist the blocking of stuff that
|
|
# isn't installed
|
|
webmail = roundcube|(ext)?mail|horde|(v-?)?webmail
|
|
|
|
phpmyadmin = (typo3/|xampp/|admin/|)(pma|(php)?[Mm]y[Aa]dmin)
|
|
|
|
wordpress = wp-(login|signup)\.php
|
|
|
|
|
|
# DEV Notes:
|
|
# Based on apache-botsearch filter
|
|
#
|
|
# Author: Frantisek Sumsal |