# Fail2Ban configuration file
#
# Regexp to detect not found access on pages (public or not) so we can add mitigation on IP making too much
# access to a Dolibarr instance.

[Definition]

# To test, you can inject this example into log
# echo 'myvirtualhost.com:443 1.2.3.4 - - [15/Dec/2022:09:57:47 +0000] "GET /attemptedpage HTTP/1.1" 404 123 "-" "Mozilla"' >> /var/log/apache2/other_vhosts_access.log
# echo '1.2.3.4 - - [18/Jul/2024:00:17:15 +0000] "GET /attemptedpage HTTP/1.1" 404 4142 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0"' >> /var/log/apache2/access_ssl.log
# WARNING: Set the date in log that is current date
#
# then
# fail2ban-client status web-accesslog-limit404
#
# To test rule file on a existing log file
# fail2ban-regex /var/log/apache2/other_vhosts_access.log /etc/fail2ban/filter.d/web-accesslog-limit404.conf

failregex = <HOST> - - .*HTTP/[0-9]+(.[0-9]+)?" 404
ignoreregex =