Bug#739945: fail2ban not working with htdigest apache auth

Mon, 24 Feb 2014 00:55:16 -0800 

Package: fail2ban
Version: 0.8.6-3wheezy2
Severity: minor
Tags: patch

Dear Maintainer,

fail2ban fails to detect login attempts when using htdigest auth in apache,
so I have copied some regex lines out of apache-auth.conf from my FreeBSD 10.0 
box, and now it works.

Cheers
Olaf

-- System Information:
Debian Release: 7.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages fail2ban depends on:
ii  lsb-base        4.1+Debian8+deb7u1
ii  python          2.7.3-4+deb7u1
ii  python-central  0.6.17

Versions of packages fail2ban recommends:
ii  iptables      1.4.14-3.1
pn  python-gamin  <none>
ii  whois         5.1.1~deb7u1

Versions of packages fail2ban suggests:
ii  bsd-mailx [mailx]  8.1.2-0.20111106cvs-1

-- Configuration Files:
/etc/fail2ban/filter.d/apache-auth.conf changed:
[INCLUDES]
before = apache-common.conf
[Definition]
failregex = ^%(_apache_error_client)s (AH01797: )?client denied by server 
configuration: (uri )?\S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01617: )?user .*? authentication 
failure for "\S*": Password Mismatch(, referer: \S+)?$
            ^%(_apache_error_client)s (AH01618: )?user .*? not found(: )?\S*(, 
referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01614: )?client used wrong 
authentication scheme: \S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH\d+: )?Authorization of user \S+ to 
access \S* failed, reason: .*$
            ^%(_apache_error_client)s (AH0179[24]: )?(Digest: )?user .*?: 
password mismatch: \S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH0179[01]: |Digest: )user `.*?' in 
realm `.+' (not found|denied by provider): \S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01631: )?user .*?: authorization 
failure for "\S*":(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01775: )?(Digest: )?invalid nonce .* 
received - length is not \S+(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01788: )?(Digest: )?realm mismatch - 
got `.*?' but expected `.+'(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01789: )?(Digest: )?unknown algorithm 
`.*?' received: \S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01793: )?invalid qop `.*?' received: 
\S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01777: )?(Digest: )?invalid nonce .*? 
received - user attempted time travel(, referer: \S+)?\s*$
ignoreregex = 


-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to