https://bz.apache.org/bugzilla/show_bug.cgi?id=60681
--- Comment #12 from William A. Rowe Jr. <wr...@apache.org> --- "Fail2ban already has an "apache-overflows" jail, which reads the ErrorLog. It would then really be convenient (and logical) to add to this existing jail a new rule to catch "request failed: error reading the headers" (and other faulty timeout) messages. This would avoid adding a new jail, reading a new file (the AccessLog), which is also much bigger to compute than the ErrorLog." Be aware that there are already a number of 400/408 exceptions that will only appear in the access log today by default at LogLevel Info, and that appears to be true of the earlier revisions. So the suggestion to ignore the access log isn't really viable. I am still in the process of cross-tabulating all of the previous and current behaviors. I also made a substantial mistake about mod_reqtimeout; using telnet - the terminal type handshake occurred - using nc or direct socket access and writing no bytes, mod_reqtimeout does not log an error in the access log. Only after some bytes are read or written will it log this faux-error access entry with no error response to the client. --- Comment #13 from William A. Rowe Jr. <wr...@apache.org> --- "Fail2ban already has an "apache-overflows" jail, which reads the ErrorLog. It would then really be convenient (and logical) to add to this existing jail a new rule to catch "request failed: error reading the headers" (and other faulty timeout) messages. This would avoid adding a new jail, reading a new file (the AccessLog), which is also much bigger to compute than the ErrorLog." Be aware that there are already a number of 400/408 exceptions that will only appear in the access log today by default at LogLevel Info, and that appears to be true of the earlier revisions. So the suggestion to ignore the access log isn't really viable. I am still in the process of cross-tabulating all of the previous and current behaviors. I also made a substantial mistake about mod_reqtimeout; using telnet - the terminal type handshake occurred - using nc or direct socket access and writing no bytes, mod_reqtimeout does not log an error in the access log. Only after some bytes are read or written will it log this faux-error access entry with no error response to the client. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
