@womd
Created February 10, 2016 08:43
attack attempts - samples from Apache logs - possibly to build fail2ban rules or straighten mod-security
[REMOTE CODE EXECUTION VIA HEADER]
[Wed Feb 10 07:36:12 2016] [error] [client 84.2.197.187] Invalid URI in request HEAD towards the green fields outside. Watch the goats chewing the grass. What is the meaning of life? Life isn't about getting to the end. Goats know this. You should know too. Goats are wise. Goats are cute. Listen to them! This is the message. Love goats, love the Internet! \xf0\x9f\x90\x90 Kecske. HTTP/1.0
[Maliciously crafted request designed to execute arbitrary code on the server by causing a heap overflow in PHP.
A server limit has been exceeded, such as the number or length of request header field(s).]
error log:
[Wed Feb 10 00:55:33 2016] [error] [client 185.87.121.69] request failed: error reading the headers
corresponding access log:
185.87.121.69 - - [10/Feb/2016:00:55:33 +0100] "GET /wp-login.php HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:34 +0100] "GET /administrator/index.php HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:34 +0100] "GET /admin.php HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:34 +0100] "GET /bitrix/admin/index.php?lang=en HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:34 +0100] "GET /admin/login.php HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:35 +0100] "GET /admin/ HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:35 +0100] "GET /user/ HTTP/1.1" 400 584 "-" "-"
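
One way to turn the access-log sample above into a detection check, as an added example that is not part of the original gist: it flags clients that send a burst of rejected (400) requests to login/admin paths with no User-Agent. The names `find_probers`, `ACCESS_RE` and `PROBE_RE`, the threshold of 5 hits in 10 seconds, and the path list are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache combined log format: client, timestamp, request line, status, size, referer, agent.
ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# Login/admin endpoints seen in the sample (assumed list; extend for your own applications).
PROBE_RE = re.compile(r'^/(wp-login\.php|admin(istrator)?(/|\.php|$)|bitrix/admin/|user/)')

def find_probers(lines, threshold=5, window=timedelta(seconds=10)):
    """Return {ip: [paths]} for clients with at least `threshold` rejected (400)
    admin-path requests without a User-Agent inside one sliding time window."""
    hits = defaultdict(list)
    for line in lines:
        m = ACCESS_RE.match(line.strip())
        if not m:
            continue  # not a combined-format line: skip rather than guess
        if m["status"] != "400" or m["agent"] not in ("", "-"):
            continue
        if not PROBE_RE.match(m["path"]):
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits[m["ip"]].append((ts, m["path"]))
    flagged = {}
    for ip, events in hits.items():
        events.sort(key=lambda e: e[0])
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # shrink the window from the left
            if end - start + 1 >= threshold:
                flagged[ip] = [p for _, p in events]
                break
    return flagged

# First seven lines are copied from the sample above; the last line is constructed benign traffic.
SAMPLE = '''
185.87.121.69 - - [10/Feb/2016:00:55:33 +0100] "GET /wp-login.php HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:34 +0100] "GET /administrator/index.php HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:34 +0100] "GET /admin.php HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:34 +0100] "GET /bitrix/admin/index.php?lang=en HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:34 +0100] "GET /admin/login.php HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:35 +0100] "GET /admin/ HTTP/1.1" 400 584 "-" "-"
185.87.121.69 - - [10/Feb/2016:00:55:35 +0100] "GET /user/ HTTP/1.1" 400 584 "-" "-"
192.0.2.10 - - [10/Feb/2016:00:56:01 +0100] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
'''.strip().splitlines()
```

Calling `find_probers(SAMPLE)` returns only the scanning client; tune `threshold` and `window` against your own traffic before using the result to drive a ban.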