thanks! fixed in the repository (branch up/apache_noscript_fix) but I would prefer to wait until 0.8.3 gets into lenny, and then I will upload -2, ok?
On Fri, 25 Jul 2008, Bernd Zeimetz wrote: > Package: fail2ban > Version: 0.7.5-2 > Severity: normal > The regexp in apache-noscript.conf also matches if the *referer* url > contains "evil" scripts. For example it matches on: > [Thu Jul 24 20:53:18 2008] [error] [client 93.133.180.18] File does not > exist: /var/www/foo01/mambots, referer: http://www.foobar.de/index.php > The correct regexp would be: > failregex = [[]client <HOST>[]] (File does not exist|script not found or > unable to stat): /\S*(\.php|\.asp|\.exe|\.pl) > The problem still exists in the latest version in unstable. > Best regards, > Bernd -- Yaroslav Halchenko Research Assistant, Psychology Department, Rutgers-Newark Student Ph.D. @ CS Dept. NJIT Office: (973) 353-5440x263 | FWD: 82823 | Fax: (973) 353-1171 101 Warren Str, Smith Hall, Rm 4-105, Newark NJ 07102 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
