# Fail2Ban configuration file # # Regexp to detect forbidden access on pages (public or not) so we can add mitigation on IP making too much # access to your a Dolibarr instance. [Definition] # To test, you can inject this example into log # echo `myvirtualhost.com:443 1.2.3.4 - - [15/Dec/2022:09:57:47 +0000] "GET /public/abc" 403 123 "-" "Mozilla" >> /var/log/apache2/access.log # # then # fail2ban-client status web-accesslog-limit403 # # To test rule file on a existing log file # fail2ban-regex /var/log/apache2/access.log /etc/fail2ban/filter.d/web-accesslog-limit403.conf --print-all-matched failregex = - - .*HTTP/[0-9]+(.[0-9]+)?" 403 ignoreregex =