name : nginx-botsearch.conf # Fail2Ban filter to match web requests for selected URLs that don't exist # [INCLUDES] # Load regexes for filtering before = botsearch-common.conf [Definition] failregex = ^<HOST> \- \S+ \[\] \"(GET|POST|HEAD) \/<block> \S+\" 404 .+$ ^ \[error\] \d+#\d+: \*\d+ (\S+ )?\"\S+\" (failed|is not found) \(2\: No such file or directory\), client\: <HOST>\, server\: \S*\, request: \"(GET|POST|HEAD) \/<block> \S+\"\, .*?$ ignoreregex = datepattern = {^LN-BEG}%%ExY(?P<_sep>[-/.])%%m(?P=_sep)%%d[T ]%%H:%%M:%%S(?:[.,]%%f)?(?:\s*%%z)? ^[^\[]*\[({DATE}) {^LN-BEG} journalmatch = _SYSTEMD_UNIT=nginx.service + _COMM=nginx # DEV Notes: # Based on apache-botsearch filter # # Author: Frantisek Sumsal