Apache2

Fail2ban - apache-noscript.conf 過濾器不工作

  • December 30, 2019

每天晚上,機器人都試圖侵入我的 Apache 伺服器:

/var/log/apache2/error.log

輸出:

[Mon Dec 30 02:55:39.098671 2019] [php7:error] [pid 14930] [client xxx.xxx.xxx.xxx:62420] script '/var/www/html/test.php' not found or unable to stat

我本來希望fail2ban能抓住它,因為它有一個過濾器:apache-noscript.conf

[Definition]
failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): /\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)(, referer: \S+)?\s*$
^%(_apache_error_client)s script '/\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)\S*' not found or unable to stat(, referer: \S+)?\s*$

預設的 jail.conf 預設情況下這樣說:

[apache-noscript]
port     = http,https
logpath  = %(apache_error_log)s

有誰知道為什麼fail2ban 仍然不阻止訪問?

解決了!

nano /etc/fail2ban/jail.local

[apache-noscript]
enable = true

引用自:https://serverfault.com/questions/997117