Closed yrpen closed 7 years ago
It would be great if invalid credits in login for will produce 401 status code in logs. 401 Unauthorized (RFC 7235) https://en.wikipedia.org/wiki/List_of_HTTP_status_codes
It'll help configure fail2ban to protect ZnoteAcc against brute force attacks.
At this moment failed login attemt looks like: 127.0.0.1 - - [16/Jul/2017:09:06:05 +0000] "POST /login.php HTTP/1.1" 200 2146 "https://example.com/login.php" "Mozilla/5.0_my_client_options_etc"
127.0.0.1 - - [16/Jul/2017:09:06:05 +0000] "POST /login.php HTTP/1.1" 200 2146 "https://example.com/login.php" "Mozilla/5.0_my_client_options_etc"
It would be great if invalid credits in login for will produce 401 status code in logs. 401 Unauthorized (RFC 7235) https://en.wikipedia.org/wiki/List_of_HTTP_status_codes
It'll help configure fail2ban to protect ZnoteAcc against brute force attacks.
At this moment failed login attemt looks like:
127.0.0.1 - - [16/Jul/2017:09:06:05 +0000] "POST /login.php HTTP/1.1" 200 2146 "https://example.com/login.php" "Mozilla/5.0_my_client_options_etc"