HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Tips/Tricks/Mods (http://www.howtoforge.com/forums/forumdisplay.php?f=29)
-   -   Fail2Ban Apache bad_bot filter (http://www.howtoforge.com/forums/showthread.php?t=58769)

concept21 19th September 2012 10:16

Fail2Ban Apache bad_bot filter
 
Hi,
On my Ubuntu 10.04 64 bit server, I found that there was a filter bad_bot inside fail2ban filter directory. However, there is no command line about this inside the jail.local file.

Does anyone know how to use this bad_bot filter? This filter should have relationship with China bad/malicious search engines. We should watch out for this. :eek:

concept21 19th September 2012 10:22

Hey!

I have found the answer by myself! :)


[apache-badbots]
enabled = true
port = http,https
filter = apache-badbots
logpath = /var/log/apache*/*access.log
maxretry = 2


http://edin.no-ip.com/blog/hswong3i/...pache-fail2ban

concept21 19th September 2012 10:25

and also fail2ban filters update:


https://github.com/fail2ban/fail2ban...onfig/filter.d

concept21 8th October 2012 07:39

2 more useful fail2ban filters for http access: :o



[apache-nohome]
enabled = true
port = http,https
filter = apache-nohome
logpath = /var/log/apache*/*error.log
maxretry = 2


[php-url-fopen]
enabled = true
port = http,https
filter = php-url-fopen
logpath = /var/log/apache*/*access.log
maxretry = 1

concept21 24th November 2012 16:30

1 Attachment(s)
According to my statistics, hackers are very active on courierauth. :mad:


All times are GMT +2. The time now is 02:19.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.