FAIL2BAN - Filter.d - http-path-t

From IT-Arts.net


Return to Wiki Index


! Should be customized to your needs !

Filter.d

[Definition]
# http-path-t.conf
# Path Traversal Attacks
# Matches attempts to traverse the directory structure (e.g., ../../etc/passwd or .\..\etc\passwd)
           failregex = ^<HOST>.*(\.\./|\.\.\\|%%2e%%2e%%2f|%%2e%%2e%%5c).*\/etc\/passwd.*$

ignoreregex =


Jail.conf

[http-path-t]
enabled  = true
banaction = %(banaction_allports)s
logpath  = /var/log/nginx/*.access.log
maxretry = 1
bantime  = -1
findtime = 3d
backend = polling
Retrieved from "https://it-arts.net/index.php?title=FAIL2BAN_-_Filter.d_-_http-path-t&oldid=1050"