# Fail2ban filter for laravel honeypot

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# common.local
before = common.conf

# sample log line:
# [2021-07-07 08:49:39] local.ALERT: IP:51.38.207.217 "GET .env" 418
# 51.38.207.217 - - [07/Jul/2021:10:49:39 +0200] "GET /.env HTTP/1.1" 418 7207 "-" "Wget/1.18 (linux-gnu)"
[Definition]

failregex   = ^.*IP:<HOST>\s.*418\s.*$
ignoreregex =

[Init]

maxlines = 1