A Fail2Ban RoundCube plugin
Switch branches/tags
Clone or download
Latest commit 3893124 Sep 3, 2016
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE Added LICENSE, GPLv3 Jun 19, 2011
composer.json Update composer.json Sep 3, 2016
fail2ban.php fixed hardcoded path to log dir Dec 24, 2014
readme.md Text fixes Jun 28, 2016


RoundCube Fail2Ban Plugin

RoundCube Fail2Ban Plugin is a small plugin that will display a failed login attempts in your syslog or userlogins log file. Using this information Fail2Ban will be able to block a user for a set amount of time. The best part, the block is happening at the IP level and blocks the IP address, not the user they are trying to log in as.

If you would like to help translate this plugin, or you see a problem with the current translation, please contact me.

This plugin dose not install or run Fail2Ban, but only provides the program with the needed log entries. Fail2Ban has to be installed and configured independent of this plugin so that it watches Roundcube's logs for failed logins.


The Current Version is 1.3 released on Sept, 28th 2015.

  • RoundCube Fil2Ban Plugin - Version 1.3 - tgz | zip | git
  • RoundCube Fil2Ban Plugin - Version 1.2 - tgz | zip | git
  • RoundCube Fil2Ban Plugin - Version 1.1 - tgz | zip | git
  • RoundCube Fil2Ban Plugin - Version 1.0 - tgz | zip | git

You can also clone the project with Git by running:

$ git clone git://github.com/mattrude/rc-plugin-fail2ban.git fail2ban

If your using git, make sure to hit the rc-Plugin-Fail2Ban's github page.


RoundCube 3.0+


  1. Place this plugin folder into the RoundCube plugins directory (roundcube/plugins/)
  2. Add fail2ban to $rcmail_config['plugins'] in your RoundCube config

Note: When downloading this plugin from http://github.com/mattrude/rc-plugin-fail2ban you will need to create a directory called fail2ban and place fail2ban.php in there, ignoring the root directory in the downloaded archive. You may also run 'git clone git://github.com/mattrude/rc-plugin-fail2ban.git fail2ban' from the plugins directory.

Setting Up


enabled  = true
port     = http,https
filter   = roundcube
action   = iptables-multiport[name=roundcube, port="http,https"]
logpath  = /var/www/html/roundcube/logs/userlogins

Or oldschool used a configuration simmiler to:

# 0.3 and up plugin-support
enabled  = true
port     = http,https
filter   = roundcube
action   = iptables-multiport[name=roundcube, port="http,https"]
sendmail-whois[name=RC-Webmail, dest=you@example.com, sender=fail2ban]
logpath  = /srv/www/htdocs/webmail/logs/userlogins


failregex = FAILED login for .*. from <HOST>
ignoreregex =


This plugin is licensed under the GPLv3. A copy of the license also comes with every copy download.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.


Matt Rude (m@mattrude.com)