gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-11-27 10:00:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

better formating, more information

Browse Source
This commit is contained in:
Uwe Steinmann 2025-10-23 16:04:28 +02:00
parent a29536f4c2
commit bd0c70def8
1 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
doc/README.Fail2ban
View File

@ -1,18 +1,33 @@
Adding authentication failure check for fail2ban Adding authentication failure check for fail2ban
================================================= =================================================
You will have to use 5.1.10 for this to work. Fail2ban is a very mature and sophisticated program to detect attacks on
a service by checking its log file. If such an attack was detected an
action will be executed, which will mostly ban the IP of the attacker
for a configurable amount of time.
Add a filter /etc/fail2ban/filter.d/seeddms.conf with the content You will have to use at least SeedDMS 5.1.10 for this to work.
Add a filter `/etc/fail2ban/filter.d/seeddms.conf` with the content
```
[Definition] [Definition]
failregex = \[error\] -- \(<HOST>\) op.Login login failed failregex = \[error\] -- \(<HOST>\) op.Login login failed
```
then configure a new jail in /etc/fail2ban/jail.d/seeddms.conf This will tell fail2ban which lines in the log file are considered
to be an incident. Here it is a failed login.
Than configure a new jail in `/etc/fail2ban/jail.d/seeddms.conf`
```
[seeddms] [seeddms]
enabled = yes enabled = yes
port = http,https port = http,https
filter = seeddms filter = seeddms
logpath = /home/www-data/seeddms-demo/data/log/*.log logpath = /home/www-data/seeddms-demo/data/log/*.log
```
It tells fail2ban which log files shall be analysed, and which filter
has to be applied.