Fail2ban – simple DOS defense for Apache

Fail2ban described earlier will help us defend against many types of attempts intended to harm us. Today: Apache.

1. create the file:

vi /etc/fail2ban/jail.d/httpd.local

2. with this content:

[apache]
enabled = true
port = http,https
filter = apache-auth
logpath = %(apache_error_log)s
maxretry = 3
bantime = 86400

[apache-badbots]
enabled = true
port = http,https
filter = apache-badbots
logpath = %(apache_error_log)s
maxretry = 1
bantime = 86400

[apache-noscript]
enabled = true
port = http,https
filter = apache-noscript
logpath = %(apache_error_log)s
maxretry = 3
bantime = 86400

[apache-overflows]
enabled = true
port = http,https
filter = apache-overflows
logpath = %(apache_error_log)s
maxretry = 2
bantime = 86400

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *