diff --git a/root/etc/fail2ban/filter.d/apache-scan.conf b/root/etc/fail2ban/filter.d/apache-scan.conf index fa189ed..ac7d0be 100644 --- a/root/etc/fail2ban/filter.d/apache-scan.conf +++ b/root/etc/fail2ban/filter.d/apache-scan.conf @@ -1,8 +1,8 @@ [Definition] re_pma = (admin|administrator|database|db|sql|typo3|xampp\/)?(pma|PMA|phpmyadmin|phpMyAdmin(\-?[\d\.\-]+((rc|pl|beta)\d+)?)?|myadmin|mysql|mysqladmin|sqladmin|mypma|xampp|mysqldb|mydb|db|pmadb|phpmyadmin1|myadmin2|php\-my\-admin|sqlmanager|websql|sqlweb|MyAdmin|phpadmin|sql|pma2005|databaseadmin|phpmanager)(\/main\.php|setup\.php|read_dump\.php|read_dump\.phpmain\.php)? -re_admin = administrator|manager(\/(status|html))?|webadmin|ecrire|admin|mailadmin|setup\.php|admin\/modules\/backup\/page\.backup\.php +re_admin = administrator(\/index\.php)?|manager(\/(status|html))?|webadmin|ecrire|admin((\.php)|(\/(config|login)\.php))?|mailadmin|setup\.php|admin\/modules\/backup\/page\.backup\.php re_proxy = freenode-proxy-checker\.txt|proxy|proxychecker|proxyheader\.php -re_various = vtigercrm|typo3|scripts|wp\-admin|wp\-login\.php|wordpress|horde(\d+)?|w00tw00t\.* +re_various = vtigercrm|typo3|scripts|wp\-admin|wp\-login\.php|wordpress|horde(\d+(\/+README)?)?|w00tw00t\.*|\/?plmplmplm\/plm\.php failregex = \[client \] File does not exist: .*\/(%(re_pma)s|%(re_admin)s|%(re_proxy)s|%(re_various)s)$ \[client \] client denied by server configuration: .*\/(%(re_admin)s|%(re_proxy)s)$