Replies: 1 comment
-
Your current - ...Access denied with code [45]\d\d
+ ...(?:Access denied with code [45]\d\d|Warning\. Pattern match) so it would look like this: failregex = ^%(_apache_error_client)s(?: \[client [^\]]+\])? ModSecurity:\s+(?:\[(?:\w+ \"[^\"]*\"|[^\]]*)\]\s*)*(?:Access denied with code [45]\d\d|Warning\. Pattern match) otherwise you have to specify what exactly in log you need to consider for possible match. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
I use Apache modsecurity 3 and i need to ban ip filtered by modsecurity.
jail.local:
apache-modsecurity.conf:
apache error.log examples:
Thank you in advance.
Beta Was this translation helpful? Give feedback.
All reactions