Does anyone how to configure fail2ban so that it watch multiple access.log for apache and ban any IP requesting more then xx times / xx seconds? Just trying to stop multiple request from offending IP's through refresh.
I had tried it actually but for some reason it didn't work. So i posted here since we got some uber geeks. I don't get any error or anything but it just didn't work and when I did netstat it still showed me my IP.
You can try SecConnReadStateLimit with Apache and ModSecurity. I don't use fail2ban personally. It is based on concurrent connections and not xx times / xx seconds, but I think it will do what you are looking for. I use it with great success.