On Friday 04 December 2020 01:34:52 john doe wrote: > On 12/4/2020 7:03 AM, Andy Smith wrote: > > Hello, > > > > On Fri, Dec 04, 2020 at 12:03:57AM -0500, Gene Heskett wrote: > >> what file do I edit to add todays > >> /var/log/httpd/other_vhosts_access.log to its list of logs to > >> watch. That's the log file with the real data in it today. And > >> does it need enabled in another, different file. > > > > Again we have been down this avenue before, but I will try one last > > time. > > > > It seems quite likely that the bot you have a problem with has the > > same user agent string, or a very small variation on the same > > string. If so then you can block it just with Apache. > > > > So, can you show us a few lines of logs from your > > /var/log/httpd/other_vhosts_access.log of the accesses from the > > offending bot(s)? > > That is, increase your log verbosity (1) and and give us part of the > relevent lines. > > Also if fail2ban is not working turn it off and other stuff that you > have put inplace to block those attacks, so we have something clean to > work with, apache is your first line of defence here. > > 1) https://httpd.apache.org/docs/2.4/mod/core.html#loglevel > Page doesn't cover my stretch version. Paths are not the same for starters, yet I have 5 installs here from wheezy to buster to raspbian. All alike, in my looking around, but not THAT version. > -- > John Doe
Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis Genes Web page <http://geneslinuxbox.net:6309/gene>