Blame | Last modification | View Log | RSS feed
# Fail2Ban filter configuration file to match failed login attempts to# HAProxy HTTP Authentication protected servers.## PLEASE NOTE - When a user first hits the HTTP Auth a 401 is returned by the server# which prompts their browser to ask for login details.# This initial 401 is logged by HAProxy.# In other words, even successful logins will have at least 1 fail regex match.# Please keep this in mind when setting findtime and maxretry for jails.## Author: Jordan Moeser#[INCLUDES]# Read common prefixes. If any customizations available -- read them from# common.localbefore = common.conf[Definition]_daemon = haproxy# Option: failregex# Notes.: regex to match the password failures messages in the logfile. The# host must be matched by a group named "host". The tag "<HOST>" can# be used for standard IP/hostname matching and is only an alias for# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)# Values: TEXT#failregex = ^%(__prefix_line)s<HOST>.*<NOSRV> -1/-1/-1/-1/\+*\d* 401# Option: ignoreregex# Notes.: regex to ignore. If this regex matches, the line is ignored.# Values: TEXT#ignoreregex =