| DIR: /etc/fail2ban/filter.d/ |
| Current File : //etc/fail2ban/filter.d/apache-modsecurity.conf |
# Fail2Ban apache-modsec filter # [INCLUDES] # Read common prefixes. If any customizations available -- read them from # apache-common.local before = apache-common.conf [Definition] failregex = ^%(_apache_error_client)s(?: \[client [^\]]+\])? ModSecurity:\s+(?:\[(?:\w+ \"[^\"]*\"|[^\]]*)\]\s*)*Access denied with code [45]\d\d ignoreregex = # https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats # Author: Daniel Black # Sergey G. Brester aka sebres (review, optimization) |