Public bug reported: My Apache's error log is full of baddies trying to use me as a proxy, but fail2ban doesn't ban them. The errors look like this:
Thu May 19 09:48:04.125851 2016] [authz_core:error] [pid 21203:tid 140035017877248] [client 45.55.34.90:53492] AH01630: client denied by server configuration: proxy:http://93.188.167.147/, referer: https://www.pinterest.com/search/?q=http://93.188.167.147/?r=564 The corresponding upstream bug is https://github.com/fail2ban/fail2ban/issues/810 and it's been fixed by upstream commit https://github.com/fail2ban/fail2ban/pull/812/commits/2c158fe16890b9e9f98a3428cc009f792618ba75 I can confirm that manually applying the upstream patch to /etc/fail2ban/filters.d/apache-auth.conf fixes the issue for me. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: fail2ban 0.8.11-1 ProcVersionSignature: Ubuntu 3.13.0-86.131-generic 3.13.11-ckt39 Uname: Linux 3.13.0-86-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.20 Architecture: amd64 Date: Thu May 19 09:55:34 2016 PackageArchitecture: all SourcePackage: fail2ban UpgradeStatus: Upgraded to trusty on 2016-04-27 (21 days ago) mtime.conffile..etc.fail2ban.filter.d.apache.auth.conf: 2016-05-19T09:52:04.566226 ** Affects: fail2ban (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug trusty ** Description changed: My Apache's error log is full of baddies trying to use me as a proxy, but fail2ban doesn't ban them. The errors look like this: - Thu May 19 09:48:04.125851 2016] [authz_core:error] [pid 21203:tid + Thu May 19 09:48:04.125851 2016] [authz_core:error] [pid 21203:tid 140035017877248] [client 45.55.34.90:53492] AH01630: client denied by server configuration: proxy:http://93.188.167.147/, referer: https://www.pinterest.com/search/?q=http://93.188.167.147/?r=564 - The corresponding ubuntu bug is + The corresponding upstream bug is https://github.com/fail2ban/fail2ban/issues/810 and it's been fixed by upstream commit https://github.com/fail2ban/fail2ban/pull/812/commits/2c158fe16890b9e9f98a3428cc009f792618ba75 I can confirm that manually applying the upstream patch to /etc/fail2ban/filters.d/apache-auth.conf fixes the issue for me. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: fail2ban 0.8.11-1 ProcVersionSignature: Ubuntu 3.13.0-86.131-generic 3.13.11-ckt39 Uname: Linux 3.13.0-86-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.20 Architecture: amd64 Date: Thu May 19 09:55:34 2016 PackageArchitecture: all SourcePackage: fail2ban UpgradeStatus: Upgraded to trusty on 2016-04-27 (21 days ago) mtime.conffile..etc.fail2ban.filter.d.apache.auth.conf: 2016-05-19T09:52:04.566226 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1583457 Title: fail2ban apache-auth filter ignores AH01630 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/fail2ban/+bug/1583457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
