diff --git a/ChangeLog b/ChangeLog
index beb38482..b22d740c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -52,6 +52,7 @@ ver. 0.10.3-dev-1 (20??/??/??) - development edition
### New Features
### Enhancements
+* `filter.d/apache-noscript.conf`: extend failregex to match "Primary script unknown", e. g. from php-fpm (gh-2073);
* date-detector extended with long epoch (`LEPOCH`) to parse milliseconds/microseconds posix-dates (gh-2029);
* possibility to specify own regex-pattern to match epoch date-time, e. g. `^\[{EPOCH}\]` or `^\[{LEPOCH}\]` (gh-2038);
the epoch-pattern similar to `{DATE}` patterns does the capture and cuts out the match of whole pattern from the log-line,
diff --git a/README.md b/README.md
index 89ada1a1..2b40d306 100644
--- a/README.md
+++ b/README.md
@@ -6,50 +6,51 @@
## Fail2Ban: ban hosts that cause multiple authentication errors
-Fail2Ban scans log files like `/var/log/auth.log` and bans IP addresses having
+Fail2Ban scans log files like `/var/log/auth.log` and bans IP addresses conducting
too many failed login attempts. It does this by updating system firewall rules
to reject new connections from those IP addresses, for a configurable amount
of time. Fail2Ban comes out-of-the-box ready to read many standard log files,
-such as those for sshd and Apache, and is easy to configure to read any log
-file you choose, for any error you choose.
+such as those for sshd and Apache, and is easily configured to read any log
+file of your choosing, for any error you wish.
-Though Fail2Ban is able to reduce the rate of incorrect authentications
-attempts, it cannot eliminate the risk that weak authentication presents.
-Configure services to use only two factor or public/private authentication
+Though Fail2Ban is able to reduce the rate of incorrect authentication
+attempts, it cannot eliminate the risk presented by weak authentication.
+Set up services to use only two factor, or public/private authentication
mechanisms if you really want to protect services.
| Since v0.10 fail2ban supports the matching of the IPv6 addresses.
------|------
-This README is a quick introduction to Fail2ban. More documentation, FAQ, HOWTOs
-are available in fail2ban(1) manpage, [Wiki](https://github.com/fail2ban/fail2ban/wiki)
-and on the website http://www.fail2ban.org
+This README is a quick introduction to Fail2Ban. More documentation, FAQ, and HOWTOs
+to be found on fail2ban(1) manpage, [Wiki](https://github.com/fail2ban/fail2ban/wiki)
+and the website: https://www.fail2ban.org
Installation:
-------------
-**It is possible that Fail2ban is already packaged for your distribution. In
-this case, you should use it instead.**
+**It is possible that Fail2Ban is already packaged for your distribution. In
+this case, you should use that instead.**
Required:
-- [Python2 >= 2.6 or Python >= 3.2](http://www.python.org) or [PyPy](http://pypy.org)
+- [Python2 >= 2.6 or Python >= 3.2](https://www.python.org) or [PyPy](https://pypy.org)
Optional:
-- [pyinotify >= 0.8.3](https://github.com/seb-m/pyinotify)
- - Linux >= 2.6.13
+- [pyinotify >= 0.8.3](https://github.com/seb-m/pyinotify), may require:
+ * Linux >= 2.6.13
- [gamin >= 0.0.21](http://www.gnome.org/~veillard/gamin)
- [systemd >= 204](http://www.freedesktop.org/wiki/Software/systemd) and python bindings:
- - [python-systemd package](https://www.freedesktop.org/software/systemd/python-systemd/index.html)
+ * [python-systemd package](https://www.freedesktop.org/software/systemd/python-systemd/index.html)
- [dnspython](http://www.dnspython.org/)
-To install, just do:
+
+To install:
tar xvfj fail2ban-0.10.3.tar.bz2
cd fail2ban-0.10.3
python setup.py install
This will install Fail2Ban into the python library directory. The executable
-scripts are placed into `/usr/bin`, and configuration under `/etc/fail2ban`.
+scripts are placed into `/usr/bin`, and configuration in `/etc/fail2ban`.
Fail2Ban should be correctly installed now. Just type:
@@ -91,7 +92,7 @@ Contact:
See [CONTRIBUTING.md](https://github.com/fail2ban/fail2ban/blob/master/CONTRIBUTING.md)
### You just appreciate this program:
-send kudos to the original author ([Cyril Jaquier](mailto:cyril.jaquier@fail2ban.org))
+Send kudos to the original author ([Cyril Jaquier](mailto:cyril.jaquier@fail2ban.org))
or *better* to the [mailing list](https://lists.sourceforge.net/lists/listinfo/fail2ban-users)
since Fail2Ban is "community-driven" for years now.
diff --git a/config/filter.d/apache-noscript.conf b/config/filter.d/apache-noscript.conf
index fbc1af64..1963d1dd 100644
--- a/config/filter.d/apache-noscript.conf
+++ b/config/filter.d/apache-noscript.conf
@@ -17,8 +17,13 @@ before = apache-common.conf
[Definition]
-failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): /\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)(, referer: \S+)?\s*$
- ^%(_apache_error_client)s script '/\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)\S*' not found or unable to stat(, referer: \S+)?\s*$
+script = /\S*(?:php(?:[45]|[.-]cgi)?|\.asp|\.exe|\.pl)
+
+prefregex = ^%(_apache_error_client)s (?:AH0(?:01(?:28|30)|1(?:264|071)): )?(?:(?:[Ff]ile|script|[Gg]ot) ).+$
+
+failregex = ^(?:does not exist|not found or unable to stat):