Posts

Showing posts from July, 2017

Fail2ban block 404 scan and invalid method in request on Apache server

Fail2ban block 404 scan and invalid method in request on Apache server 1. Create filter /etc/fail2ban/filter.d/apache-404.conf [Definition] failregex = [[]client <HOST>[]] File does not exist: *                    [[]client <HOST>[]] Invalid method in request *   ignoreregex = 2. Add new jail /etc/fail2ban/jail.conf [apache-404] enabled = true port = http,https filter = apache-404 action  = iptables-multiport[name=apache-404,port="80,443"] logpath = /var/log/httpd/error_log #you can add email notification as well action  = iptables-multiport[name=apache-404, port="http,https", protocol=tcp]           sendmail-whois[name=apache-404, [email protected], [email protected], sendername="Server-Fail2Ban"] bantime = 172800 maxretry = 2 findtime = 86400   ; 1 day 3. If everything is ok, you can test it with command:  fail2ban-regex /var/log/httpd/error_log /etc/fail2ban/filter.d/apache-404.conf