HEX
Server: Apache
System: Linux srv13.cpanelhost.cl 3.10.0-962.3.2.lve1.5.38.el7.x86_64 #1 SMP Thu Jun 18 05:28:41 EDT 2020 x86_64
User: cca63905 (4205)
PHP: 7.3.20
Disabled: NONE
$ pwd: /proc/self/cwd/guiaweb/dev/setup/fail2ban/filter.d/
Upload Files
File: //proc/self/cwd/guiaweb/dev/setup/fail2ban/filter.d/web-accesslog-limit404.conf
# Fail2Ban configuration file
#
# Regexp to detect not found access on pages (public or not) so we can add mitigation on IP making too much
# access to a Dolibarr instance.

[Definition]

# To test, you can inject this example into log
# echo 'myvirtualhost.com:443 1.2.3.4 - - [15/Dec/2022:09:57:47 +0000] "GET /attemptedpage HTTP/1.1" 404 123 "-" "Mozilla"' >> /var/log/apache2/other_vhosts_access.log
# echo '1.2.3.4 - - [18/Jul/2024:00:17:15 +0000] "GET /attemptedpage HTTP/1.1" 404 4142 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0"' >> /var/log/apache2/access_ssl.log
# WARNING: Set the date in log that is current date
#
# then
# fail2ban-client status web-accesslog-limit404
#
# To test rule file on a existing log file
# fail2ban-regex /var/log/apache2/other_vhosts_access.log /etc/fail2ban/filter.d/web-accesslog-limit404.conf

failregex = <HOST> - - .*HTTP/[0-9]+(.[0-9]+)?" 404
ignoreregex =
@ Telegram