Installed headers for apache2, libmaxminddb and optional for pcre2. Download the ASN database with geoipupdate.
RHEL based
dnf -y install gcc httpd-devel libmaxminddb-devel pcre2-devel redhat-rpm-config
Debian/Ubuntu
apt -y install gcc apache2-dev libmaxminddb-dev libpcre2-dev
apxs -c -lmaxminddb mod_repudiator.c
With pcre2 support
apxs -c -DPCRE2 -lmaxminddb -lpcre2-8 mod_repudiator.c
Debug build
apxs -c -DPCRE2 -DREP_DEBUG -lmaxminddb -lpcre2-8 mod_repudiator.c
-
RepudiatorEnabled
Default:false
Enable module
-
RepudiatorEvilModeEnabled
Default:false
Let's get mad!
-
RepudiatorEvilRedirectURL
Default:NULL
Redirect the bad boy to this URL
-
RepudiatorEvilAppendURI
Default:0
Append raw URI to redirect URL
-
RepudiatorEvilDelay
Default:0
Number of milliseconds to delay before sending the response.
-
RepudiatorWarnReputation
Default:-200
Reputation warning score
-
RepudiatorBlockReputation
Default:-400
Reputation blocking score
-
RepudiatorPerIPReputation
Default:-0.033
Reputation score per IP address
-
RepudiatorPerNetReputation
Default:-0.0033
Reputation score per IP address within network
-
RepudiatorPerASNReputation
Default:-0.00033
Reputation score per IP address within ASN block
-
RepudiatorScanTime
Default:60
Scan time in seconds
-
RepudiatorWarnHttpReply
Default:429
HTTP status code if warning score is reached
-
RepudiatorBlockHttpReply
Default:403
HTTP status code if blocking score is reached
-
RepudiatorASNDatabase
Path to GeoLite2 ASN database
-
RepudiatorIPReputation
iterableSet network-based reputation, first part is network and second is reputation score.
Example:
RepudiatorIPReputation 192.168.0.0/16 1000.0
-
RepudiatorUAReputation
iterableSet UserAgent-based reputation, first part regex and second is reputation score.
Example:
RepudiatorUAReputation ".*MSIE [1-9].0.*" -400.0
-
RepudiatorURIReputation
iterableSet URI-based reputation, first part regex and second is reputation score.
Example:
RepudiatorURIReputation ".*\.(env|git|bash(rc|_(history|profile))).*" -1000.0
-
RepudiatorASNReputation
iterableSet ASN-based reputation, first part is ASN and second is reputation score.
Example:
RepudiatorASNReputation 15169 100.0
-
RepudiatorStatusReputation
iterableSet HTTP-Status-based reputation, first part status code is reputation score.
Example:
RepudiatorStatusReputation 404 -1.0
Install fail2ban and add custom jail.
cp fail2ban/filter.d/apache-mod_repudiator.conf /etc/fail2ban/filter.d/
cat >> /etc/fail2ban/jail.local << EOF
[apache-mod_repudiator]
enabled = true
backend = polling
port = http,https
filter = apache-mod_repudiator
logpath = /var/log/httpd/error_log
maxretry = 1
findtime = 120
bantime = 600
EOF
systemctl restart fail2ban