fisharebest / webtrees

Online genealogy
https://webtrees.net
GNU General Public License v3.0

How to detect "login failed" event for fail2ban? #4925

Closed shalak closed 9 months ago

shalak commented 9 months ago

I'm looking for a simple solution to set up a fail2ban service. Unfortunately, the apache I have in front of webtrees does not produce a 401 error on failed login attempts. Or am I missing something? I'm using a dockerized deployment.

The only idea that comes to my mind is a companion container, which will poll the db (via SELECT * FROM wt_log) and look for matching log entries. Looks expensive :/

miqrogroove commented 9 months ago

Status 401 is only allowed for HTTP authentication protocols. Webtrees does not support those. If your site doesn't have any public features, you could enable TLS and basic auth in Apache, then customize the webtrees login system to read the Apache username. I was going to write a module for that once, but never got around to it.

shalak commented 9 months ago

Is it possible to redirect logs to syslog or textfile?

fisharebest commented 9 months ago

I haven't used fail2ban for a long time, but IIRC it looks for repeated HTTP requests in the apache logs.

So can you set it to look for repeated POST requests to the login URL? i.e. X POSTs in Y seconds => ban for Z hours.
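The approach suggested above, written out as an added example (not code from this thread or from the webtrees project): a fail2ban-style `failregex` that matches POSTs to the login URL in Apache combined-format access logs, plus the "X hits in Y seconds" windowing that fail2ban's `maxretry`/`findtime` settings apply, run over constructed sample log lines. The login path `/login`, the thresholds and the sample addresses are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

LOGIN_PATH = "/login"  # assumed webtrees login path; adjust to your deployment

# fail2ban-style failregex for Apache's combined log format; <HOST> is fail2ban's
# placeholder. The status code is ignored: a failed webtrees login yields no 401.
FAILREGEX = (r'^<HOST> \S+ \S+ \[[^\]]+\] "POST ' + re.escape(LOGIN_PATH)
             + r'(?:\?\S*)? HTTP/[\d.]+" \d{3} ')
LINE_RE = re.compile(FAILREGEX.replace("<HOST>", r"(?P<host>\S+)"))
TS_RE = re.compile(r"\[(\d{2}/\w{3}/\d{4}:\d{2}:\d{2}:\d{2}) [+-]\d{4}\]")

def parse_event(line):
    """Return (host, timestamp) if the line is a POST to the login URL, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = TS_RE.search(line).group(1)
    return m.group("host"), datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S")

def find_bans(lines, maxretry=5, findtime=600):
    """fail2ban's rule: maxretry hits within findtime seconds bans the host."""
    hits = defaultdict(deque)  # per-host sliding window of hit timestamps
    banned = {}                # host -> time of the hit that triggered the ban
    for line in lines:
        ev = parse_event(line)
        if ev is None or ev[0] in banned:
            continue
        host, when = ev
        window = hits[host]
        window.append(when)
        while (when - window[0]).total_seconds() > findtime:
            window.popleft()
        if len(window) >= maxretry:
            banned[host] = when
    return banned

def _log(host, ts, method, path, status):
    """Constructed Apache combined-format line (sample data, not real traffic)."""
    return f'{host} - - [{ts} +0000] "{method} {path} HTTP/1.1" {status} 512 "-" "curl/8.0"'

# Constructed sample: 203.0.113.7 posts to the login form five times in 40s;
# 198.51.100.3 posts twice, half an hour apart (outside findtime, never banned).
SAMPLE_LOG = (
    [_log("203.0.113.7", f"10/Jan/2024:12:00:{i * 10:02d}", "POST", LOGIN_PATH, 302)
     for i in range(5)]
    + [_log("198.51.100.3", "10/Jan/2024:12:01:00", "POST", LOGIN_PATH, 302),
       _log("198.51.100.3", "10/Jan/2024:12:30:00", "POST", LOGIN_PATH, 302)]
)
```

In a real deployment the `FAILREGEX` string goes into a `failregex =` line of a `filter.d` file, and `maxretry`, `findtime` and `bantime` are set in the matching `jail.local` section; note that this counts every login POST, successful or not, so a legitimate user retrying a mistyped password counts toward the threshold.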

shalak commented 9 months ago

Makes perfect sense, and more cost-effective than polling logs via SQL. Thanks for the tip!