fail2ban with standard Apache log format on centos

325 views

I want to use fail2ban on CentOS 6 to monitor Apache with the standard default logfile format ("combined"). Has anyone here succeeded in doing so?

The format has the IP at the start of the line, followed by two dashes (if no authentication) and THEN the timestamp. What I've read on the fail2ban wiki seems to say that the timestamp must ALWAYS be at the start of the line, followed by other stuff. I'm amazed if it isn't configurable...

I'm using fail2ban 0.8.8 from EPEL.

posted Jun 19, 2013 by anonymous

Looking for an answer? Promote on:

OK, it turns out that despite what it says in the wiki, recent versions of fail2ban do allow a non-anchored timestamp match and will preserve the part of the line before the timestamp. My problem was actually in the failregex.

All working now.

commented Jun 19, 2013 by anonymous

Similar Questions

0 votes

ssi not working on virtual host, using CentOS 6.0 with Apache 2.2.15

I am using CentOS 6.0 with Apache 2.2.15, and set up Apache with virtual host. The SSI works fine on the first VH, but ssi on the other virtual hosts does not work. I got the following message in the error log:

mod_include: Options +Includes (or IncludesNoExec) wasnt set, INCLUDES filter removed

Does anyone know how to resolve this problem?

+1 vote

What is the default MPM in apache on CentOS 7?

+2 votes

How to log access to a specific web application in apache?

My Apache server host few applications something like :

/var/www/A
/var/www/B

I would like to trace access for a specific application, eg. A. Is it possible?

Or should I use 'LogLevel info' and so log all applications into access.log file (then parsing for specific web page) ?

My config for logging is :

..
ErrorLog /var/log/apache2/error.log
LogLevel info
CustomLog /var/log/apache2/access.log combined
..

+1 vote

Want to replace 503 Maintenance page with custom page on Apache 2.2.23

Need some help here, want to replace the standard 503 page of Apache with my custom maintenance page. Read some blogs which gives direction of replacing the page with my html page and just do some rewrite of URL to display it.with help of .htaccess.

I am not able to find the .htaccess file on the server, could some one please help me on that, where is htaccess file by default on the server.

Could some body also suggest if there is any other solution to achieve maintenance page.

0 votes

How can I ensure Apache HTTPD server works with OpenLDap installed on my computer?

I have the following modules installed on my linux computer:

openldap-2.2.13-12.el4_8.2 
nss_ldap-253-7.el4

According to the documentation Apache can work with more than one LDAP module:
https://httpd.apache.org/docs/current/mod/mod_authnz_ldap.html [1]

How can I ensure Apache HTTPD server works with OpenLDap installed on my computer? Where I configure it?

...

fail2ban with standard Apache log format on centos

Your comment on this post:

Your answer

Preview