regex Missing What Appear to be SQL Injection Attempts

[nh905]

My website recently got hit with a bunch of SQL Injection attempts, none of which appear to have been successful, but these miscreants need to be dealt with. I run fail2ban and found your filter high in the Google Search. When I tested your filter against my logs, it flagged some lines but missed a lot that looked decidedly suspicions. Some were due to uppercase SELECT or UNION. Others I suspect are the way the hackers are creating the SELECT/UNION commands on the fly.

Have you considered re-activating this project? I am a newbie at regex, but am willing to help.

Thanks, Norbert