mirror of https://github.com/fail2ban/fail2ban
Merge 3b3a9676af
into 86b9adb2f5
commit
d5f18524c7
|
@ -0,0 +1,7 @@
|
|||
# Fail2Ban filter for Group-Office lost password requests
|
||||
# logpath must be the webserver error log
|
||||
|
||||
[Definition]
|
||||
|
||||
failregex = Lost password request from IP: '<HOST>'
|
||||
ignoreregex =
|
|
@ -1,14 +1,7 @@
|
|||
# Fail2Ban filter for Group-Office
|
||||
#
|
||||
# Enable logging with:
|
||||
# $config['info_log']='/home/groupoffice/log/info.log';
|
||||
#
|
||||
# Fail2Ban filter for Group-Office authentication failures
|
||||
# logpath must be the webserver error log
|
||||
|
||||
[Definition]
|
||||
|
||||
failregex = ^\[\]LOGIN FAILED for user: "\S+" from IP: <HOST>$
|
||||
|
||||
failregex = Password authentication failed for '\S+' from IP: '<HOST>'
|
||||
ignoreregex =
|
||||
|
||||
# Author: Daniel Black
|
||||
|
||||
|
|
|
@ -450,7 +450,13 @@ logpath = /var/log/horde/horde.log
|
|||
[groupoffice]
|
||||
|
||||
port = http,https
|
||||
logpath = /home/groupoffice/log/info.log
|
||||
logpath = /var/log/apache2/error.log
|
||||
|
||||
[groupoffice-lost-password]
|
||||
|
||||
port = http,https
|
||||
logpath = /var/log/apache2/error.log
|
||||
maxretry = 100
|
||||
|
||||
|
||||
[sogo-auth]
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# failJSON: { "time": "2014-01-06T10:59:38", "match": true, "host": "127.0.0.1" }
|
||||
[2014-01-06 10:59:38]LOGIN FAILED for user: "asdsad" from IP: 127.0.0.1
|
||||
# failJSON: { "time": "2014-01-06T10:59:49", "match": false, "host": "127.0.0.1" }
|
||||
[2014-01-06 10:59:49]LOGIN SUCCESS for user: "admin" from IP: 127.0.0.1
|
||||
# failJSON: { "time": "2024-03-26T07:59:08", "match": true, "host": "192.168.65.1" }
|
||||
localhost [Tue Mar 26 07:59:08 2024] [notice] [pid 1662] [client 192.168.65.1:17672] Password authentication failed for '192.168.100.100' from IP: '192.168.65.1'
|
||||
# failJSON: { "time": "2024-03-26T08:17:24", "match": false, "host": "192.168.65.1" }
|
||||
localhost [Tue Mar 26 08:17:24 2024] [notice] [pid 90] [client 192.168.65.1:17733] Lost password request from IP: '192.168.65.1'
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
# failJSON: { "time": "2024-03-26T07:59:08", "match": false, "host": "192.168.65.1" }
|
||||
localhost [Tue Mar 26 07:59:08 2024] [notice] [pid 1662] [client 192.168.65.1:17672] Password authentication failed for 'johndoe' from IP: '192.168.65.1'
|
||||
# failJSON: { "time": "2024-03-26T08:17:24", "match": true, "host": "192.168.65.1" }
|
||||
localhost [Tue Mar 26 08:17:24 2024] [notice] [pid 90] [client 192.168.65.1:17733] Lost password request from IP: '192.168.65.1'
|
Loading…
Reference in New Issue