Menu

#74 apache-badbots Filter is broken

v1.0 (example)
open
nobody
filter (1)
5
2017-05-22
2017-05-22
Martin
No

The regular expression in the /etc/fail2ban/filter.d/apache-badbots.conf file is broken.

It is:
failregex = ^<HOST> -."(GET|POST).HTTP.*"(?:%(badbots)s|%(badbotscustom)s)"$
However it doesn't match, because most bots use a more complex string. The regexp should be:

failregex = ^<HOST> -."(GET|POST).HTTP.".(?:%(badbotscustom)s|%(badbots)s).*"$

Discussion

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.