I was thinking of installing Fail2ban, but I saw that it reads Apache errors.
So much to look at, I opened Apache errors
I noticed that my Apache logs are full of this:
Code:
[Mon SEP 18 06:39:16.678185 2017] [Core: ERROR] [PID 31667] [Client 180.76.15.6:29891] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use ' LimitInternalRecursion ' to increase the limit if necessary. Use ' LogLevel debug ' to get a backtrace.
[Mon SEP 18 06:39:18.149155 2017] [Core: ERROR] [PID 31837] [Client 180.76.15.23:55177] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use ' LimitInternalRecursion ' to increase the limit if necessary. Use ' LogLevel debug ' to get a backtrace.
[Mon SEP 18 06:39:18.653379 2017] [Core: ERROR] [PID 31984] [Client 180.76.15.141:41970] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use ' LimitInternalRecursion ' to increase the limit if necessary. Use ' LogLevel debug ' to get a backtrace.
The IP seems to be Baidu, which I block via htaccess in all my sites with:
Code:
RewriteCond %{HTTP_USER_AGENT} ^.*MJ12bot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Yandex [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Baidu [NC]
RewriteRule .* - [L,F]
(It is a rule that they have made me add various hosting and VPS services, to try to find resources to keep sites online. I don't even know if it's a good thing or not...)
I'm afraid that installing Fail2ban would read continually new errors and probably he will drink all the resources of my server...
(also the fact that each visit generates a log line I do not like so much)
Looking in G, it seems to be some url_rewriter problem.
Looking for logLevel debug I found this:
mod_rewrite - Apache HTTP Server Version 2.4
But I think I didn't understand something because:
Code:
root@ubuntu-2gb-blr1-14-04-3:~# tail -f error_log|fgrep '[rewrite:'
tail: cannot open ‘error_log’ for reading: No such file or directory
root@ubuntu-2gb-blr1-14-04-3:~# LogLevel alert rewrite:trace3
LogLevel: command not found
What am I missing? How should I use this?