Pages : 1
#1 Le 12/12/2013, à 14:15
- alfirdaous
IPTables + Fail2Ban et erreur 404
Bonjour,
Je viens de tester un filter de fail2ban, afin de bannir l'IP lors d'une erreur 404:
jail.conf.local:
[apache-404]
enabled = true
port = http
filter = apache-404
logpath = /var/log/apache*/error*.log
maxretry = 3
apache-404:
# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
# $Revision: 471 $
#
[Definition]
# Option: failregex
# Notes.: regex to match the password failure messages in the logfile. The
# host must be matched by a group named "host". The tag "" can
# be used for standard IP/hostname matching.
# Values: TEXT
# [client x.x.x.x] File does not exist: /home/www/admin/admin,
# failregex = [[]client []] File does not exist: .*
failregex = [[]client <HOST>[]] File does not exist: *
#
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =
J'appelle une url qui genere une page 404:
[Thu Dec 12 16:08:55 2013] [error] [client 1.2.3.4] File does not exist: /home/USER/www/Images/logo2.png
en verifiant:
iptables -L | grep 1.2.3.4
Sa retourne rien (1.2.3.4) est juste une adresse qui remplace la mienne
Merci a vous
Hors ligne
Pages : 1