FAIL2BAN - Filter.d - http-rfi

From IT-Arts.net


Return to Wiki Index


! Should be customized to your needs !

Filter.d

[Definition]
# http-rfi.conf
# Remote File Inclusion (RFI)
# Matches attempts to include remote files (e.g. http://example.com/malicious_file.php)
           failregex = ^<HOST>.*(?:https?|ftp):\/\/(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,6}\/.*\.(?:php|jsp|asp|cgi|pl|txt|xml|json|html?).*$`

ignoreregex =


Jail.conf

[http-rfi]
enabled  = true
banaction = %(banaction_allports)s
logpath  = /var/log/nginx/*.access.log
maxretry = 1
bantime  = -1
findtime = 3d
backend = polling
Retrieved from "https://it-arts.net/index.php?title=FAIL2BAN_-_Filter.d_-_http-rfi&oldid=859"