Create vaultwarden.conf

Filter for unsuccessful Vaultwarden authentication attempts
2025-04-01 20:36:53 +08:00 · 2025-04-01 20:36:53 +08:00 · c7f7bc55bb
parent 6b57e46070
commit c7f7bc55bb
1 changed files with 8 additions and 0 deletions
--- a/config/filter.d/vaultwarden.conf
+++ b/config/filter.d/vaultwarden.conf
@ -0,0 +1,8 @@
+# Fail2Ban filter for unsuccessful Vaultwarden authentication attempts
+# Logged in /var/log/vaultwarden.log
+# Author: LearningSpot
+
+[Definition]
+
+failregex = \[vaultwarden::api::(identity||admin||core::two_factor::authenticator)\]\[ERROR\] (Invalid admin token||Invalid TOTP code||Username or password is incorrect)(.*) IP: <HOST>(?:\. Username: <F-USER>.+</F-USER>\.)?$
+ignoreregex =