# Fail2Ban configuration file
#
# Regexp to detect forbidden access on pages (public or not) so we can add mitigation on IP making too much 
# access to your a Dolibarr instance.


[Definition]

# To test, you can inject this example into log
# echo `myvirtualhost.com:443 1.2.3.4 - - [15/Dec/2022:09:57:47 +0000] "GET /public/abc" 403 123 "-" "Mozilla" >> /var/log/apache2/access.log
#
# then 
# fail2ban-client status web-accesslog-limit403 
#
# To test rule file on a existing log file
# fail2ban-regex /var/log/apache2/access.log /etc/fail2ban/filter.d/web-accesslog-limit403.conf

failregex = <HOST> - - .*HTTP/[0-9]+(.[0-9]+)?" 403
ignoreregex =