Fail2ban scans log files such as /var/log/apache/error_log and bans IPs that make too many bad requests.
Fail2ban blocks brute-forcers, scanners and many others…
For more information about fail2ban, see www.fail2ban.org
Fail2ban can also be used to ban bad bots on Apache.
The blocking list is fetched from www.user-agents.org.
To block spam or bad robots that visit your Apache server, you need to activate the apache-badbots filter:
You may need to install fail2ban first:
sudo apt-get install fail2ban
Edit your local fail2ban configuration file:
sudo vim /etc/fail2ban/jail.local
Add :
[apache-badbots]
enabled = true
port = http,https
filter = apache-badbots
logpath = /var/log/apache*/*access.log
maxretry = 2

Now restart fail2ban:
sudo /etc/init.d/fail2ban restart
You can now check the new rule in iptables:
sudo iptables -nvL
In the output, you should see a line similar to:
fail2ban-apache-badbots tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
Well done!
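
What the jail above does with the access log, as an added example that is not part of the original post and not fail2ban's own code: a simplified stand-in for the apache-badbots filter counts bad-bot hits per IP and reports the IPs that reach maxretry = 2. The bot names, the 600-second counting window, the function name and the log lines are assumptions constructed for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of bad user agents; the shipped filter carries a much longer list.
BAD_BOTS = ["EmailCollector", "WebEMailExtrac", "sogou music spider"]
MAXRETRY = 2                       # same value as in the jail above
FINDTIME = timedelta(seconds=600)  # assumed counting window

# Simplified stand-in for the filter's failregex: client IP at line start,
# request line, and a User-Agent (last quoted field) that is exactly a bad bot name.
FAILREGEX = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?:GET|POST|HEAD) [^"]*" \d{3} \S+ "[^"]*" '
    r'"(?:%s)"$' % "|".join(re.escape(b) for b in BAD_BOTS)
)

# Constructed access-log lines in Apache combined format (documentation IP ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:01 +0000] "GET / HTTP/1.1" 200 512 "-" "EmailCollector"
198.51.100.4 - - [10/Oct/2023:13:55:02 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.7 - - [10/Oct/2023:13:55:09 +0000] "GET /contact HTTP/1.1" 200 734 "-" "EmailCollector"
192.0.2.33 - - [10/Oct/2023:13:56:00 +0000] "GET / HTTP/1.1" 200 512 "-" "sogou music spider"
192.0.2.33 - - [10/Oct/2023:14:30:00 +0000] "GET / HTTP/1.1" 200 512 "-" "sogou music spider"
"""

def hosts_to_ban(log_text, maxretry=MAXRETRY, findtime=FINDTIME):
    """Return IPs with at least `maxretry` bad-bot hits inside one `findtime` window."""
    hits = defaultdict(list)
    banned = []
    for line in log_text.splitlines():
        m = FAILREGEX.match(line)
        if not m:
            continue  # normal browsers and unparsable lines are ignored
        when = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
        host = m.group("host")
        # Keep only earlier hits still inside the window, then add this one.
        hits[host] = [t for t in hits[host] if when - t <= findtime] + [when]
        if len(hits[host]) >= maxretry and host not in banned:
            banned.append(host)
    return banned

if __name__ == "__main__":
    print(hosts_to_ban(SAMPLE_LOG))
```

The second bot address is not reported because its two hits are more than one counting window apart. To test the shipped filter against a real log, fail2ban provides the fail2ban-regex tool, which takes a log file and a filter file as arguments.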