I have many GET Request on my server to "nike-air" URLs like this
216.*.*.* - - [13/Dec/2016:20:07:54 +0100] "GET /jd/nike-huarache-2010.php HTTP/1.1" 404
216.*.*.* - - [13/Dec/2016:20:07:57 +0100] "GET /jd/nike-roshe-run-homme-original.php HTTP/1.1" 404
187.*.*.* - - [13/Dec/2016:20:17:26 +0100] "GET /jd/nike-mercurial.php HTTP/1.1" 404
I decide to create a fail2ban filter for stop it:
# apache-nike.conf
[Definition]
failregex = ^<HOST> -.*"GET .*nike-.*".*
ignoreregex =
It works but I think it can be improved? Too bad there is no online tool to create filters :)
Thank you for your suggestions.