In your sample log lines, you have two dashes after the IP address; your regex
only expects one. Try:
failregex = ^.+?"(GET|POST|HEAD) /.+?" 404 .+$
BTW, you don't escape / or -
Bill
On 3/13/2018 2:12 PM, Sophie Loewenthal wrote:
NGINX BOTCHECK
Debian 9.2
$ dpkg -l fail2ban
Desired=Unknown/
NGINX BOTCHECK
Debian 9.2
$ dpkg -l fail2ban
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Descri
