我想實作用fail2ban防護網頁的暴力破解,然後網頁是同學寫的,然後用暴力破解(hydra),錯誤訊息在下面呈現
/var/log/httpd/error_log-20190222
然後用fail2ban內建的過濾器apache-auth去偵測,沒辦法偵測到,所以想自己來寫個filter,但對於python的正規表達式不熟,自己去試一直測不出來,所以想問大家到底要如何去寫
自己去看網站自己寫:<HOST>.* PHP Notice:Undefined index: pwd in /var/www/html/hackerproof/login.php on line 5
但去測fail2ban-regex 沒有match到,我這樣打有那裡不對的嗎?
已邀請的邦友 {{ invite_list.length }}/5
<HOST>開頭<HOST>.* PHP Notice: Undefined index: \S+ in /var/www/html/hackerproof/login.php on line
fail2ban 他有很多段,不至於擋不到,差別在於他判斷的log是不是你目前程式裡面有寫到的log裡面
[apache]
enabled = true
port = http,https
filter = apache-auth
logpath = /var/log/httpd/*error_log
maxretry = 6
[apache-badbots]
enabled = true
port = http,https
filter = apache-badbots
logpath = /var/log/httpd/*access_log
bantime = 172800
maxretry = 1
[apache-noscript]
enabled = true
port = http,https
filter = apache-noscript
logpath = /var/log/httpd/*error_log
maxretry = 6
[apache-overflows]
enabled = true
port = http,https
filter = apache-overflows
logpath = /var/log/httpd/*error_log
maxretry = 2
[apache-nohome]
enabled = true
port = http,https
filter = apache-nohome
logpath = /var/log/httpd/*error_log
maxretry = 2
port = http,https
filter = apache-botsearch
logpath = /var/log/httpd/*error_log
maxretry = 2
iThome鐵人賽
看影片追技術