![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
Tag: fail2ban
sudo apt install fail2ban
#banaction = iptables-multiport banaction = ufw
[apache-403] enabled = true filter = apache-403 logpath = /var/log/apache2/access.log action = ufw maxretry = 10 findtime = 30 bantime = 1800 [apache-404] enabled = true filter = apache-404 logpath = /var/log/apache2/access.log action = ufw maxretry = 10 findtime = 30 bantime = 1800
[Definition] failregex = ^<HOST>.*"(GET|POST).*" 403 .*$ # フィルター ignoreregex = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 # ホワイトリスト
[Definition] failregex = ^<HOST>.*"(GET|POST).*" 403 .*$ # フィルター ignoreregex = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 # ホワイトリスト
[apache-badbots] ## Ban hosts which agent identifies spammer robots crawling the web ## for email addresses. The mail outputs are buffered. enabled = true filter = apache-badbots port = http,https logpath = /var/log/apache2/access.log action = ufw bantime = 48h maxretry = 1
[Definition]
#failregex = ^<HOST>.*"(GET|POST|HEAD).*HTTP.*"(?:%(badbots)s|%(badbotscustom)s).*"$
failregex = ^<HOST>.*"(GET|POST|HEAD).*HTTP.*".*(?:%(badbots)s|%(badbotscustom)s).*"$
ignoreregex =
datepattern = ^[^\[]*\[({DATE})
{^LN-BEG}
