name : apache-pass.conf # Fail2Ban Apache pass filter # This filter is for access.log, NOT for error.log # # The knocking request must have a referer. [Definition] failregex = ^<HOST> - \w+ \[\] "GET <knocking_url> HTTP/1\.[01]" 200 \d+ ".*" "[^-].*"$ ignoreregex = datepattern = ^[^\[]*\[({DATE}) {^LN-BEG} [Init] knocking_url = /knocking/ # Author: Viktor Szépe