Open plopoyop opened 5 years ago
Is that implemented?
In the nginx access logs we can find 401 errors when there is a wrong password:
```
IPADDRESS - - [20/Apr/2021:08:05:49 +0200] "GET /rss/api/greader.php/accounts/ClientLogin?Email=clement&Passwd=wrongpass HTTP/2.0" 401 13 "-" "curl/7.71.1"
```
There is also this in data/users/_/log_api.txt:
```
[Tue, 20 Apr 2021 08:11:17 +0200] [warning] --- unauthorized() Array
(
    [date] => 2021-04-20T08:11:17+02:00
    [headers] => Array
        (
            [Accept] => */*
            [User-Agent] => curl/7.71.1
            [Host] => example.net
            [Content-Length] =>
            [Content-Type] =>
        )
    [_SERVER] => Array
        (
            [USER] => freshrss
            [HOME] => /home/freshrss
            [PATH_TRANSLATED] => /var/www/freshrss/p/accounts/ClientLogin
            [ORIG_SCRIPT_FILENAME] => /var/www/freshrss/p/api/greader.php/accounts/ClientLogin
            [HTTP_ACCEPT] => */*
            [HTTP_USER_AGENT] => curl/7.71.1
            [HTTP_HOST] => example.net
            [SCRIPT_FILENAME] => /var/www/freshrss/p/api/greader.php
            [PATH_INFO] => /accounts/ClientLogin
            [REMOTE_USER] =>
            [REDIRECT_STATUS] => 200
            [SERVER_NAME] => example.net
            [SERVER_PORT] => 443
            [SERVER_ADDR] => X.X.X.X
            [REMOTE_PORT] => 46748
            [REMOTE_ADDR] => Y.Y.Y.Y
            [SERVER_SOFTWARE] => nginx/1.14.2
            [GATEWAY_INTERFACE] => CGI/1.1
            [HTTPS] => on
            [REQUEST_SCHEME] => https
            [SERVER_PROTOCOL] => HTTP/2.0
            [DOCUMENT_ROOT] => /var/www/freshrss/p/
            [DOCUMENT_URI] => /rss/api/greader.php/accounts/ClientLogin
            [REQUEST_URI] => /rss/api/greader.php/accounts/ClientLogin?Email=clement&Passwd=wrongpass
            [SCRIPT_NAME] => /rss/api/greader.php
            [CONTENT_LENGTH] =>
            [CONTENT_TYPE] =>
            [REQUEST_METHOD] => GET
            [QUERY_STRING] => Email=clement&Passwd=wrongpass
            [FCGI_ROLE] => RESPONDER
            [PHP_SELF] => /rss/api/greader.php/accounts/ClientLogin
            [REQUEST_TIME_FLOAT] => 1618899077.0317
            [REQUEST_TIME] => 1618899077
        )
    [_GET] => Array
        (
            [Email] => clement
            [Passwd] => wrongpass
        )
    [_POST] => Array
        (
        )
    [_COOKIE] => Array
        (
        )
    [INPUT] =>
)
```
But since it is a multi-line log, I am not sure it is usable with fail2ban.
Do we have fail2ban implemented somewhere in the app? I can't find anything about it :thinking:
This is implemented, and the issue could be closed?
As requested in: https://github.com/YunoHost-Apps/freshrss_ynh/issues/57#issuecomment-440567480
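
The single-line nginx access-log entries quoted in this thread are enough for a fail2ban-style check, without parsing the multi-line log_api.txt dump. The following is an added example (not code from FreshRSS, the YunoHost package or any commenter) that applies an assumed failregex and fail2ban's `maxretry`/`findtime` counting to constructed log lines; `FAILREGEX`, `HOST_GROUP`, `find_offenders` and the sample addresses are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed fail2ban-style failregex (not shipped by FreshRSS or the YunoHost package).
# Anchored at ^ so text the client controls (URL, referer, User-Agent) cannot supply the host.
FAILREGEX = (r'^<HOST> - \S+ \[(?P<ts>[^\]]+)\] "(?:GET|POST) '
             r'\S*/api/greader\.php/accounts/ClientLogin\S* HTTP/[\d.]+" 401 ')
# Simplified stand-in for fail2ban's own <HOST> expansion.
HOST_GROUP = r'(?P<host>[0-9a-fA-F:.]+)'

# Constructed sample lines in the access-log format quoted in the issue.
_REQ = '"GET /rss/api/greader.php/accounts/ClientLogin?Email=clement&Passwd=x HTTP/2.0"'
SAMPLE_LOG = "\n".join([
    f'192.0.2.10 - - [20/Apr/2021:08:05:49 +0200] {_REQ} 401 13 "-" "curl/7.71.1"',
    f'192.0.2.10 - - [20/Apr/2021:08:05:52 +0200] {_REQ} 401 13 "-" "curl/7.71.1"',
    f'198.51.100.7 - - [20/Apr/2021:08:06:01 +0200] {_REQ} 401 13 "-" "curl/7.71.1"',
    f'198.51.100.7 - - [20/Apr/2021:08:06:09 +0200] {_REQ} 200 95 "-" "curl/7.71.1"',
    f'192.0.2.10 - - [20/Apr/2021:08:06:30 +0200] {_REQ} 401 13 "-" "curl/7.71.1"',
    f'203.0.113.5 - - [20/Apr/2021:08:10:00 +0200] {_REQ} 401 13 "-" "curl/7.71.1"',
    f'203.0.113.5 - - [20/Apr/2021:08:25:00 +0200] {_REQ} 401 13 "-" "curl/7.71.1"',
    f'203.0.113.5 - - [20/Apr/2021:08:40:00 +0200] {_REQ} 401 13 "-" "curl/7.71.1"',
    # 401 on another path, with the login URL only in the referer: must not match.
    '203.0.113.9 - - [20/Apr/2021:08:41:00 +0200] "GET /rss/i/ HTTP/2.0" 401 13 '
    '"https://example.net/rss/api/greader.php/accounts/ClientLogin" "x"',
])


def find_offenders(log_text, maxretry=3, findtime=600):
    """Return hosts with at least maxretry failed logins inside findtime seconds."""
    pattern = re.compile(FAILREGEX.replace("<HOST>", HOST_GROUP))
    window = timedelta(seconds=findtime)
    recent = defaultdict(list)   # host -> timestamps still inside the window
    offenders = set()
    for line in log_text.splitlines():
        m = pattern.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits = [t for t in recent[m["host"]] if ts - t <= window] + [ts]
        recent[m["host"]] = hits
        if len(hits) >= maxretry:
            offenders.add(m["host"])
    return sorted(offenders)
```

With the defaults only the host that fails three times within the window is returned; the host whose failures are 15 minutes apart is returned only when `findtime` is widened.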