# Fail2Ban configuration file
#
# Regexp to detect access on public pages so we can add mitigation on IP making too much 
# access to your a Dolibarr instance.


[Definition]

# To test, you can inject this example into log
# echo `date +'%Y-%m-%d %H:%M:%S'`" INFO    1.2.3.4    --- Access to GET /public/clicktodial/cidlookup.php" >> /mypath/documents/dolibarr.log
#
# then 
# fail2ban-client status web-dolibarr-limitpublic 
#
# To test rule file on a existing log file
# fail2ban-regex /mypath/documents/dolibarr.log /etc/fail2ban/filter.d/web-dolibarr-limitpublic.conf --print-all-matched

failregex = ^ [A-Z\s]+ <HOST>\s+--- Access to .*/public/
ignoreregex =