Edit, this one works for me:
Code:
docroot = /var/www
badadmin = PMA|phpmyadmin|myadmin|mysql|mysqladmin|sqladmin|mypma|admin|xampp|mysqldb|mydb|db|pmadb|zeb|cart
failregex = [[]client <HOST>[]] File does not exist: %(docroot)s/(?:%(badadmin)s)
Hello,
I have a custom made jail for fail2ban to ban scriptkiddies looking for phpmyadmin etc.
Another jail, looking for ftp server inlogs works fine but I can't get this one to work.
Thanks for helping.
failregex = [[]client <HOST>[]] (File does not exist|unable to stat): /\S*(php|pma|PMA|p/m/a|db|sql|admin|zen|cart).*
Corresponding entry in jail.conf:
Code:
[apache-pma]
enabled = true
port = http,https
filter = apache-pma
logpath = /var/log/apache2/error.log
maxretry = 1
These are in error.log
[Wed Mar 16 23:37:35 2011] [error] [client 210.51.38.77] File does not exist: /var/www/phpmyadmin