I am just sick of opening the logwatch every day and getting this:
Requests with error response codes
400 Bad Request
/: 97 Time(s)
null: 8 Time(s)
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/: 4 Time(s)
403 Forbidden
/: 26 Time(s)
/?s=/Index/\think\app/invokefunction&fun … s[1]=4ub2506o: 1 Time(s)
404 Not Found
/favicon.ico: 14 Time(s)
/remote/fgt_lang?lang=/…/…/…/…//////// … lvpn_websession: 11 Time(s)
/ecp/Current/exporttool/microsoft.exchange … ool.application: 4 Time(s)
/login: 4 Time(s)
/owa/auth/logon.aspx: 4 Time(s)
/owa/auth/x.js: 4 Time(s)
/robots.txt: 4 Time(s)
/version: 4 Time(s)
/Public/home/js/check.js: 2 Time(s)
/favicon.png: 2 Time(s)
/static/admin/javascript/hetong.js: 2 Time(s)
/.git/config: 1 Time(s)
/.well-known/ALFA_DATA: 1 Time(s)
/.well-known/alfacgiapi: 1 Time(s)
/.well-known/cgialfa: 1 Time(s)
/1.php: 1 Time(s)
/1index.php: 1 Time(s)
/ALFA_DATA: 1 Time(s)
/HNAP1: 1 Time(s)
/ReportServer: 1 Time(s)
/_ignition/execute-solution: 1 Time(s)
/a.php: 1 Time(s)
/about.php: 1 Time(s)
/admin/controller/extension/extension/ALFA_DATA: 1 Time(s)
/admin/controller/extension/extension/alfacgiapi: 1 Time(s)
/admin/controller/extension/extension/cgialfa: 1 Time(s)
/alfa.php: 1 Time(s)
/alfacgiapi: 1 Time(s)
/archives.php: 1 Time(s)
/beence.php: 1 Time(s)
/c/version.js: 1 Time(s)
/cgialfa: 1 Time(s)
/config.bak.php: 1 Time(s)
/config.php: 1 Time(s)
/defau11.php: 1 Time(s)
/defau1t.php: 1 Time(s)
/doc.php: 1 Time(s)
/error.php?phpshells: 1 Time(s)
/evox/about: 1 Time(s)
/export.php: 1 Time(s)
/flu/403.html: 1 Time(s)
/gank.php.PhP: 1 Time(s)
/index.php?3x=3x: 1 Time(s)
/jenkins/login: 1 Time(s)
/legion.php: 1 Time(s)
/manager/html: 1 Time(s)
/media-admin.php: 1 Time(s)
/moduless.php: 1 Time(s)
/nmaplowercheck1661945577: 1 Time(s)
/olux.php: 1 Time(s)
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f: 1 Time(s)
/radio.php: 1 Time(s)
/s_e.php: 1 Time(s)
/s_ne.php: 1 Time(s)
/script: 1 Time(s)
/shell.php: 1 Time(s)
/shells.php: 1 Time(s)
/sites/default/files/ALFA_DATA: 1 Time(s)
/sites/default/files/alfacgiapi: 1 Time(s)
/sites/default/files/cgialfa: 1 Time(s)
/stalker_portal/c/version.js: 1 Time(s)
/stream/live.php: 1 Time(s)
/streaming/clients_live.php: 1 Time(s)
/style.php: 1 Time(s)
/system_api.php: 1 Time(s)
/system_log.php?bala=up: 1 Time(s)
/templates/beez3/ALFA_DATA: 1 Time(s)
/templates/beez3/alfacgiapi: 1 Time(s)
/templates/beez3/cgialfa: 1 Time(s)
/templates/beez3/index.php: 1 Time(s)
/test.php: 1 Time(s)
/up.php: 1 Time(s)
/upload.php: 1 Time(s)
/ups.php: 1 Time(s)
/wp-admin/ALFA_DATA: 1 Time(s)
/wp-admin/alfacgiapi: 1 Time(s)
/wp-admin/cgialfa: 1 Time(s)
/wp-admin/style.php: 1 Time(s)
/wp-backup-sql-302.php: 1 Time(s)
/wp-booking.php: 1 Time(s)
/wp-content/ALFA_DATA: 1 Time(s)
/wp-content/alfacgiapi: 1 Time(s)
/wp-content/cgialfa: 1 Time(s)
/wp-content/db-cache.php: 1 Time(s)
/wp-content/export.php: 1 Time(s)
/wp-content/mu-plugins/db-safe-mode.php: 1 Time(s)
/wp-content/outcms.php?up: 1 Time(s)
/wp-content/plugins/backup_index.php: 1 Time(s)
/wp-content/plugins/ubh/up.php: 1 Time(s)
/wp-content/plugins/wpconfig.bak.php?act=sf: 1 Time(s)
/wp-content/themes/config.bak.php: 1 Time(s)
/wp-content/uploads/ALFA_DATA: 1 Time(s)
/wp-content/uploads/alfacgiapi: 1 Time(s)
/wp-content/uploads/cgialfa: 1 Time(s)
/wp-includes/ALFA_DATA: 1 Time(s)
/wp-includes/alfacgiapi: 1 Time(s)
/wp-includes/cgialfa: 1 Time(s)
/wp-includes/css/css.php: 1 Time(s)
/wp-includes/css/wp-config.php: 1 Time(s)
/wp-includes/images/css.php: 1 Time(s)
/wp-includes/wp-atom.php: 1 Time(s)
/wp-includes/wp-class.php: 1 Time(s)
/wp-load.php: 1 Time(s)
/wp-plugins.php: 1 Time(s)
/wp-signin.php?dizo&ping: 1 Time(s)
/wp.php: 1 Time(s)
/wp_wrong_datlib.php: 1 Time(s)
/wso.php: 1 Time(s)
/x.php: 1 Time(s)
/xleet.php: 1 Time(s)
/z.php: 1 Time(s)
408 Request Timeout
null: 5 Time(s)
I set up a fail2ban Jail to trap 404 errors,
[Definition]
failregex = ^ .* /.* 4\d\d .*$
It was the only one (of many) that I found on the internet which didn’t crash fail2ban on loading and it doesn’t work.
I’m using the latest version of fail2ban.
Can anyone help?