Fail2Ban Apache bad_bot filter

Discussion in 'Tips/Tricks/Mods' started by concept21, Sep 19, 2012.

  1. concept21

    concept21 Member

    On my Ubuntu 10.04 64 bit server, I found that there was a filter bad_bot inside fail2ban filter directory. However, there is no command line about this inside the jail.local file.

    Does anyone know how to use this bad_bot filter? This filter should have relationship with China bad/malicious search engines. We should watch out for this. :eek:
  2. concept21

    concept21 Member

  3. concept21

    concept21 Member

  4. concept21

    concept21 Member

    2 more useful fail2ban filters for http access: :eek:

    enabled = true
    port = http,https
    filter = apache-nohome
    logpath = /var/log/apache*/*error.log
    maxretry = 2

    enabled = true
    port = http,https
    filter = php-url-fopen
    logpath = /var/log/apache*/*access.log
    maxretry = 1
  5. concept21

    concept21 Member

    According to my statistics, hackers are very active on courierauth. :mad:

    Attached Files:

Share This Page