Add login failures in the logs - to fit with fail2ban needs / avoid bruteforce #3183
Comments
That might be a good feature.
Well I don't know fail2ban configuration's details, but I can show you the regex used for yunohost:
As it's just a simple regex, I guess you could write anything you want as long as it's constant, easy to filter. PS: @maniackcrudelis please correct me if I'm wrong ;)
I can log whatever I want from a request in that log. Just give me a list 🙂
I let @maniackcrudelis (and maybe @JimboJoe ?) decide here because my understanding of fail2ban is very limited.
Hi j0k3r :) I'm not an expert either with fail2ban... But as I know, fail2ban works with a log and a regex. I think you can try something like that:
And a file name
It's just an idea, it must be tried.
I don't see failed logs. Do we have to enable logs for errors somewhere in the config file?
I can see it in a YunoHost walabag2 instance in
@j0k3r Maybe I should add a new issue, but I think it belongs to this: Could you also log fails for two factor auth logins? Might not add much security, but if it's not an hour long work for you I'd appreciate it.
Hello Wallabag's contributors :)
In order to protect wallabag with fail2ban (in our case for Yunohost, see YunoHost/apps#247 (comment)) it needs to read the failed access in the logs.
Is it possible to add such logging?
This would seriously improve the login security of every wallabag user if fail2ban is present, as it greatly reduces bruteforce possibilities (by banning the IP during a certain time after some tries).
Thanks a lot :)
PS: (it obviously doesn't mean the password could be weaker in that case...)
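
As an added illustration of the log-plus-regex approach discussed in this thread (not wallabag's, YunoHost's or fail2ban's own code), the Python example below applies a failure regex to constructed log lines and flags an IP once it reaches `maxretry` failures within `findtime`. The log line format, the regex and the threshold values are assumptions; the parameter names are borrowed from fail2ban's options of the same name.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed log lines in a hypothetical format (not wallabag's real output).
SAMPLE_LOG = """\
[2017-06-01 10:00:01] app.INFO: Authentication failure for user "admin" from 203.0.113.7
[2017-06-01 10:00:05] app.INFO: Authentication failure for user "admin" from 203.0.113.7
[2017-06-01 10:00:09] app.INFO: Login success for user "alice" from 198.51.100.4
[2017-06-01 10:00:12] app.INFO: Authentication failure for user "root" from 203.0.113.7
[2017-06-01 10:20:00] app.INFO: Authentication failure for user "bob" from 198.51.100.4
[2017-06-01 10:45:00] app.INFO: Authentication failure for user "bob" from 198.51.100.4
[2017-06-01 11:10:00] app.INFO: Authentication failure for user "bob" from 198.51.100.4
[2017-06-01 11:10:30] app.INFO: Authentication failure for user "x from 192.0.2.1" from 198.51.100.9
"""

# The username is user-supplied text, so the address is anchored at end of
# line: only the IP written by the application itself is ever counted.
FAILREGEX = re.compile(
    r'^\[(?P<ts>[^\]]+)\] \S+ Authentication failure for user ".*" '
    r'from (?P<host>\d{1,3}(?:\.\d{1,3}){3})$'
)


def find_bans(log_text, maxretry=3, findtime=timedelta(minutes=10)):
    """Return {ip: time_of_ban} for IPs with maxretry failures inside findtime."""
    recent = defaultdict(deque)  # ip -> timestamps of recent failures
    bans = {}
    for line in log_text.splitlines():
        m = FAILREGEX.match(line)
        if not m or m["host"] in bans:
            continue  # not a failure line, or this IP is already banned
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        window = recent[m["host"]]
        window.append(ts)
        # Drop failures that have aged out of the findtime window.
        while ts - window[0] > findtime:
            window.popleft()
        if len(window) >= maxretry:
            bans[m["host"]] = ts
    return bans


if __name__ == "__main__":
    for ip, when in find_bans(SAMPLE_LOG).items():
        print(f"ban {ip} at {when}")
```

Failures spread further apart than `findtime` (the 198.51.100.4 lines) never accumulate, which is why the log needs one constant, easily matched line per failed attempt with the client address in a fixed position.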