fail2ban: Apache-Auth not banning failed login attempts

Trying to get fail2ban working on Linux Mint 17.1, but after several failed login attempts through Apache auth it does not seem to block me.
I followed this guide to get started.
I think there is a problem with the apache-auth regex, but I can't get it right.

jail.local

[apache]
enabled = true
port = 80,443
filter = apache-auth
logpath = /var/log/apache2/*error.log
maxretry = 3
bantime = 600
##ignoreip = 192.168.3.70
##To block the remote host that is trying to request suspicious URLs, use the below jail.
[apache-overflows]
enabled = true
port = http,https
filter = apache-overflows
logpath = /var/log/apache2/*error.log
maxretry = 3
bantime = 600
ignoreip = 192.168.3.70
##To block the remote host that is trying to search for scripts on the website to execute, use the below jail.
[apache-noscript]
enabled = true
port = http,https
filter = apache-noscript
logpath = /var/log/apache2/*error.log
maxretry = 3
bantime = 600
ignoreip = 192.168.3.70
##To block the remote host that is trying to request malicious bot, use below jail.
[apache-badbots]
enabled = true
port = http,https
filter = apache-badbots
logpath = /var/log/apache2/*error.log
maxretry = 3
bantime = 600
ignoreip = 192.168.3.70
##To stop DOS attack from remote host.
[http-get-dos]
enabled = true
port = http,https
filter = http-get-dos
logpath = /var/log/apache*/access.log
maxretry = 400
findtime = 400
bantime = 200
##ignoreip = 192.168.3.70
action = iptables[name=HTTP, port=http, protocol=tcp]

apache-auth.conf

[INCLUDES]
before = apache-common.conf
[Definition]
failregex = ^%(_apache_error_client)s (AH01797: )?client denied by server configuration: (uri )?\S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01617: )?user .*? authentication failure for "\S*": Password Mismatch(, referer: \S+)?$
            ^%(_apache_error_client)s (AH01618: )?user .*? not found(: )?\S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01614: )?client used wrong authentication scheme: \S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH\d+: )?Authorization of user \S+ to access \S* failed, reason: .*$
            ^%(_apache_error_client)s (AH0179[24]: )?(Digest: )?user .*?: password mismatch: \S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH0179[01]: |Digest: )user `.*?' in realm `.+' (not found|denied by provider): \S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01631: )?user .*?: authorization failure for "\S*":(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01775: )?(Digest: )?invalid nonce .* received - length is not \S+(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01788: )?(Digest: )?realm mismatch - got `.*?' but expected `.+'(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01789: )?(Digest: )?unknown algorithm `.*?' received: \S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01793: )?invalid qop `.*?' received: \S*(, referer: \S+)?\s*$
            ^%(_apache_error_client)s (AH01777: )?(Digest: )?invalid nonce .*? received - user attempted time travel(, referer: \S+)?\s*$

apache-common.conf

_apache_error_client = \[[^]]*\] \[(error|\S+:\S+)\]( \[pid \d+:\S+\d+\])? \[client <HOST>(:\d{1,5})?\]

/var/log/apache2/error.log

[Thu Aug 02 23:03:42.143209 2018] [auth_basic:error] [pid 8025] [client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:43.216097 2018] [auth_basic:error] [pid 8025] [client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:44.124570 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:45.104747 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:46.001161 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:46.871802 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:47.843740 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php

As I said, I think the problem is in the regular expression, because the http-get-dos jail works fine. The regex in apache-common.conf doesn't look right, since my log file seems to follow a different format, but I'm not sure that is the case, nor how to format the regex properly.

Any help is much appreciated.

Found my problem

I had to change the line in apache-common.conf to the following:

_apache_error_client = \[[^]]*\] \[(error|\S+:\S+)\]( \[pid \d+\])? \[client <HOST>(:\d{1,5})?\]

The difference is in the PID part. I used Regex101 to work on the expression until it matched.
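To make the difference concrete, here is an added Python example (not from the question, the answer, or fail2ban itself) that expands the AH01618 "user ... not found" failregex with the original and the corrected `_apache_error_client` prefix and runs each over constructed log lines in the same prefork format as above, tallying hits per client against `maxretry = 3`. It also tries a third prefix that makes the `:tid` part optional so both prefork and worker/event MPM lines match (my generalisation, not the page's); the `<HOST>` substitution is a simplified stand-in for fail2ban's own host pattern and the sample lines are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the same shape as the prefork error log in the question:
# "[pid NNNN]" with no ":tid NNNN" part. The fourth line is a worker/event-MPM style
# entry and the last a non-auth notice, to show which prefix copes with which format.
SAMPLE_LOG = """\
[Thu Aug 02 23:03:42.143209 2018] [auth_basic:error] [pid 8025] [client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:43.216097 2018] [auth_basic:error] [pid 8025] [client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:44.124570 2018] [auth_basic:error] [pid 8025] [client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:50.000000 2018] [auth_basic:error] [pid 8030:tid 139700] [client 10.0.0.7:40001] AH01618: user bob not found: /SEC/test.php
[Thu Aug 02 23:04:01.000000 2018] [core:notice] [pid 8020] AH00094: Command line: '/usr/sbin/apache2'
"""

# Prefix from the question's apache-common.conf: the optional pid group demands a ':'
# after the pid number, so "[pid 8025]" never matches and the line fails before any
# failregex text is even compared.
PREFIX_ORIGINAL = r"\[[^]]*\] \[(error|\S+:\S+)\]( \[pid \d+:\S+\d+\])? \[client <HOST>(:\d{1,5})?\]"
# Prefix from the answer: matches "[pid 8025]" but not the "[pid N:tid N]" form.
PREFIX_FIXED = r"\[[^]]*\] \[(error|\S+:\S+)\]( \[pid \d+\])? \[client <HOST>(:\d{1,5})?\]"
# Making the tid part itself optional covers both MPM formats (my generalisation).
PREFIX_BOTH = r"\[[^]]*\] \[(error|\S+:\S+)\]( \[pid \d+(:tid \d+)?\])? \[client <HOST>(:\d{1,5})?\]"
# The AH01618 line of apache-auth.conf, %(_apache_error_client)s still unexpanded.
FAILREGEX_USER_NOT_FOUND = (r"^%(_apache_error_client)s (AH01618: )?user .*? not found(: )?"
                            r"\S*(, referer: \S+)?\s*$")

def compile_failregex(failregex: str, prefix: str) -> re.Pattern:
    """Interpolate the prefix the way fail2ban's config parser does, then replace
    <HOST> with a named group (simplified stand-in for fail2ban's host pattern)."""
    pattern = failregex % {"_apache_error_client": prefix}
    return re.compile(pattern.replace("<HOST>", r"(?P<host>[\w\-.^_]*\w)"))

def count_failures(log_text: str, prefix: str) -> Counter:
    """Number of matching auth failures per client host, as the jail would tally them."""
    rx = compile_failregex(FAILREGEX_USER_NOT_FOUND, prefix)
    return Counter(m.group("host") for m in map(rx.match, log_text.splitlines()) if m)

def hosts_to_ban(hits: Counter, maxretry: int = 3) -> list:
    """Hosts whose failure count reached the jail's maxretry (findtime ignored here)."""
    return sorted(host for host, n in hits.items() if n >= maxretry)

if __name__ == "__main__":
    for label, prefix in (("original", PREFIX_ORIGINAL), ("fixed", PREFIX_FIXED), ("both", PREFIX_BOTH)):
        hits = count_failures(SAMPLE_LOG, prefix)
        print(f"{label:8s} hits={dict(hits)} ban={hosts_to_ban(hits)}")
```

On a real host the same check is done with `fail2ban-regex /var/log/apache2/error.log /etc/fail2ban/filter.d/apache-auth.conf`, which reports how many log lines each failregex matched, so a zero count there points at the prefix rather than at the jail settings.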
