Talk:Mod Security

From Fail2ban
Revision as of 04:16, 26 March 2011 by Stevan Bajic (talk | contribs) (Created page with 'Would the following regexp not be better then the one currently mentioned in the wiki? ^[^\s]+\s+<HOST>(?:\s+\-){2}\s+.*HTTP\/1\.[01]\"\s+(?:5|4(?!04)) This basically blocks re…')
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Would the following regexp not be better then the one currently mentioned in the wiki? 

^[^\s]+\s+<HOST>(?:\s+\-){2}\s+.*HTTP\/1\.[01]\"\s+(?:5|4(?!04))

This basically blocks requests generating any 5nn or 4nn (except 404) errors. And it does that only to non authenticated users (assuming you trust your own users).

Retrieved from "http://wiki.fail2ban.org/wiki/index.php?title=Talk:Mod_Security&oldid=3291"