We need a fail2ban filter that reads the /var/log/apache2/access.log, not just error.log. When someone is getting lots of 404’s, then something is up, especially if those access are coming un-humanly quickly! By the way, if you are the owner of IP 220.127.116.11 you might want to scan it for malware. 8)
For your viewing pleasure, some Apache2 log entries from this morning: Readmore..