[Feature Request] Add a failed logins log #41
Comments
And even better, we could write a fail2ban filter for the login page! http://www.fail2ban.org/wiki/index.php/Main_Page +1 |
@rix1337 that would be awesome but Fail2Ban relies on Python. Not sure everyone knows how to set that up. We can have it as an option maybe. |
I phrased it wrong. Assuming one has set up fail2ban already, if Organizr offered a log containing
We could write a fail2ban rule, that would work properly. Look at how those configs work at: https://snippets.aktagon.com/snippets/554-how-to-secure-an-nginx-server-with-fail2ban |
Ahhhh yes. :) |
@rix1337 @Githubtordl I'm storing the info in a file on the server that is written in JSON. |
Making the log path configurable would be perfect. Looking very good so far, I guess we can easily set up a regex rule for fail2ban then! |
Yea that is what I was thinking on both suggestions. |
This should work with fail2ban. Will test over the weekend: |
I've just checked the fail2ban manual:
Any way you could (also) produce a standard log file more similar to the nginx one? Optionally stored at a custom path?
They do not offer a way to regex custom timestamps..
With this log I could automatically ban anyone trying to brute force my login info! (Which would be super awesome) |
i can make the time stamp match this: 20-01-2017 01:02:03 |
EDIT for clarification: Thank you for checking this! fail2ban for some reason requires logs that separate entries into new lines & begin with a timestamp. I'll try to get more info tonight, but it seems a logfile as suggested above would be the only thing working here... |
hmmm |
I tried it right now, and fail2ban is not limited by the way the timestamp is offered, but it requires newlines. Could you add a newline before every {"date" tag? as in: The working bad_auth regex for fail2ban is
That would be all I need, and the json is still readable by organizr. In contrast, the current json oneliner is not parsed correctly
|
by new line, do you mean like a break in line? |
yeah! instead of
sorry, english is not my primary language ^^ |
no worries, I can try that out tonight unless you want to edit yourself and try. |
I'll give it a shot. and thank you |
lemme give you the line. |
user php, 602? |
https://github.com/causefx/Organizr/blob/master/user.php#L610 change to https://github.com/causefx/Organizr/blob/master/user.php#L614 change to |
I'll give it a shot, though I am only familiar with XML. Seems easy to get the format, though. |
no worries man :) let me know how it goes. |
I tried my best, and the PR works for the front-end, as well as the fail2ban log daemon. I really would like this functionality implemented (even if a proper log file, not breaking the json would be the better way). With this hack I am now successfully banning people after their third bad login attempt to my site! |
nice, did the JSON_PRETTY_PRINT not work either? Edit: Also this line doesn't need to be edited: as you already apply str_replace on the variable that encodes the json. Edit: Nevermind, I misread that line. |
No, because awesome as it may be, fail2ban is resistant to multiple line input.. There seem to be ways, but I can't get them to match the json file.. I know duplicate file creations make this project less clean, but could you just implement a function that on a bad login appended Timestamp - [ip] - [username] - bad auth to a simple something.log? I would really feel bad about the hack I wrote, just to get this feature going. Even though it works |
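The one-entry-per-line format requested in the comment above, sketched as an added example (not code from this thread or from Organizr) with a fail2ban-style check that flags an IP on its third failure. The function names, the 10-minute window and the sample lines are assumptions; the line layout and timestamp format are the ones quoted in the thread.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

TS_FMT = "%d-%m-%Y %H:%M:%S"  # timestamp layout quoted in the thread
# One entry per line, anchored at both ends so text inside the username
# field can never be read as the timestamp or the IP.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2}) - "
    r"\[(?P<ip>[0-9A-Fa-f.:]+)\] - \[(?P<user>.*)\] - bad auth$"
)

def format_entry(ts, ip, username):
    """Build one log line; the username is attacker-controlled input."""
    # Drop CR/LF so a crafted username cannot start a forged second entry.
    safe_user = re.sub(r"[\r\n]", "", username)
    return f"{ts.strftime(TS_FMT)} - [{ip}] - [{safe_user}] - bad auth"

def find_offenders(lines, max_retry=3, find_time=timedelta(minutes=10)):
    """Return IPs with max_retry failures inside find_time, in ban order."""
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    banned = []
    for line in lines:
        m = LINE_RE.match(line.rstrip("\r\n"))
        if not m:
            continue  # not a failed-login entry
        ts = datetime.strptime(m["ts"], TS_FMT)
        hits = recent[m["ip"]]
        hits.append(ts)
        while ts - hits[0] > find_time:
            hits.popleft()  # forget failures older than the window
        if len(hits) >= max_retry and m["ip"] not in banned:
            banned.append(m["ip"])
    return banned

# Constructed sample log (documentation-range IPs, made-up usernames).
SAMPLE = [
    "20-01-2017 01:02:03 - [203.0.113.7] - [admin] - bad auth",
    "20-01-2017 01:02:10 - [203.0.113.7] - [root] - bad auth",
    "20-01-2017 01:02:15 - [198.51.100.9] - [alice] - bad auth",
    "20-01-2017 01:02:20 - [203.0.113.7] - [admin] - bad auth",
    "20-01-2017 03:00:00 - [198.51.100.9] - [alice] - bad auth",
]

if __name__ == "__main__":
    print(find_offenders(SAMPLE))
```

Because the username is written by whoever is at the login form, the writer strips line breaks and the pattern is anchored at the start of the line; otherwise a crafted username could make the log appear to contain failures from another address.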
the hack isn't bad. |
thank you,
At first I thought so, too. New log entries will go missing without it, though.. |
what do you mean? |
nvm, was just confirming the line needs an edit 👍 |
ahhh yes, I need to see if my local hosted dev branch is updated, if it is i will pull this merge request into dev. |
cool stuff. i contributed 🥇 😄 |
haha yes sir, thanks! |
just a heads up: the reformatted log file may cause issues with existing logs from this version.. since it's beta this should be fine.. |
Hmmmm. I'll take a look. |
Could you please add a failed logins log in settings? will be quite useful to see if anyone is being naughty.