name : apache-modsecurity.conf # Fail2Ban apache-modsec filter # [INCLUDES] # Read common prefixes. If any customizations available -- read them from # apache-common.local before = apache-common.conf [Definition] failregex = ^%(_apache_error_client)s(?: \[client [^\]]+\])? ModSecurity:\s+(?:\[(?:\w+ \"[^\"]*\"|[^\]]*)\]\s*)*Access denied with code [45]\d\d ignoreregex = # https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats # Author: Daniel Black # Sergey G. Brester aka sebres (review, optimization)