fail2ban question

Discussion in 'HOWTO-Related Questions' started by bernholdt, Aug 29, 2008.

  1. bernholdt

    bernholdt Member

    After looking trough my apachalog i saw multible entries like this
    i am pretty sure that someone is scanning my sharedip directory to get access to my database etc etc.
    Isnt there a way to get fail2ban to block these requests ?? i gave been using the fail2ban setup from here, on debial etch
  2. tal56

    tal56 Member

    There's no fail2ban filter to block those because a poorly configured webpage with lots of bad links to images etc can cause the same error lines to occur. This could result in blocking a legitamate client.

    If you want there is a filter for apache to block script searches .php etc, it's pretty similar and you could edit it to block for these logs.

Share This Page