silverbulletmd / silverbullet

The hackable notebook
https://silverbullet.md
MIT License

[Question] Record failed authentication in logs for fail2ban or other access control. #883

Closed showgood163 closed 3 weeks ago

showgood163 commented 3 weeks ago

Hi there,

I want to put my silverbullet instance on the Internet for convenient access. Because I'm in an untrusted network environment, I want to record failed authentication in logs for fail2ban or other similar programs to identify and prevent abuses by banning IPs. However, with username-password authentication enabled, I see no login failure in logs after I typed a wrong username and password. Is there a way to record failed authentication in logs?

zefhemel commented 3 weeks ago

I just added a log message for this: "Authentication failed, redirecting to auth page"

showgood163 commented 3 weeks ago

Thanks. Could you make the log reflect the IP so that fail2ban can work?

zefhemel commented 3 weeks ago

I assumed it would be easy, but it seems surprisingly hard to determine the remote IP.

showgood163 commented 3 weeks ago

Alright, just take your time.

aorith commented 3 weeks ago

At this moment, I'm using this filter with Caddy in front of Silverbullet:

[Definition]
failregex = ^.*"remote_ip":"<HOST>",.*?auth\?error=1".*$

Since a bad authentication triggers a redirect to /.auth?error=1.

I don't see why you would expose a password-protected Silverbullet instance without TLS termination. Caddy/Nginx etc. will also take care of logging the IP address.
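To check what the filter above actually matches before relying on it, here is an added example (not code from the thread or from the Silverbullet project) that applies the same failregex to constructed Caddy JSON access-log lines and simulates a fail2ban jail's maxretry/findtime logic. The `HOST_GROUP` pattern is an assumption standing in for fail2ban's real `<HOST>` substitution, the log lines are built in `caddy_line` rather than captured, and the redirect target for a successful login (`/`) is a guess that the filter does not depend on.

```python
import json
import re
from collections import defaultdict

# failregex from the Caddy filter in the comment above, verbatim
FAILREGEX = r'^.*"remote_ip":"<HOST>",.*?auth\?error=1".*$'

# fail2ban replaces the <HOST> tag with a named capture group before compiling.
# Assumption: this simplified IPv4/IPv6 group stands in for fail2ban's real,
# more elaborate host pattern.
HOST_GROUP = r'(?P<host>[0-9A-Fa-f:.]+)'


def compile_failregex(failregex):
    """Expand <HOST> the way fail2ban does and compile the result."""
    return re.compile(failregex.replace("<HOST>", HOST_GROUP))


def matches(lines):
    """Return [(ts, host)] for every raw log line the filter matches."""
    pattern = compile_failregex(FAILREGEX)
    hits = []
    for line in lines:
        m = pattern.match(line)
        if m:
            ts = json.loads(line)["ts"]  # Caddy logs a float epoch timestamp
            hits.append((ts, m.group("host")))
    return hits


def bans(lines, maxretry=3, findtime=600):
    """Simulate the jail: ban a host once it has maxretry hits within findtime seconds."""
    recent = defaultdict(list)
    banned = []
    for ts, host in matches(lines):
        if host in banned:
            continue
        window = [t for t in recent[host] if ts - t <= findtime]
        window.append(ts)
        recent[host] = window
        if len(window) >= maxretry:
            banned.append(host)
    return banned


def caddy_line(ts, ip, method, uri, status, location=None):
    """Build a constructed Caddy JSON access-log line (not captured traffic)."""
    entry = {
        "level": "info", "ts": ts, "logger": "http.log.access",
        "msg": "handled request",
        "request": {"remote_ip": ip, "remote_port": "50123", "proto": "HTTP/2.0",
                    "method": method, "host": "notes.example.org", "uri": uri},
        "status": status,
    }
    if location:
        entry["resp_headers"] = {"Location": [location]}
    return json.dumps(entry, separators=(",", ":"))


# Constructed sample log: two bad logins from one address, one good login,
# and a single bad login from another address.
SAMPLE_LOG = [
    caddy_line(1700000000.0, "203.0.113.7", "POST", "/.auth", 302, "/.auth?error=1"),  # wrong password
    caddy_line(1700000000.4, "203.0.113.7", "GET", "/.auth?error=1", 200),             # browser follows redirect
    caddy_line(1700000005.0, "198.51.100.4", "POST", "/.auth", 302, "/"),              # correct password (assumed target)
    caddy_line(1700000090.0, "203.0.113.7", "POST", "/.auth", 302, "/.auth?error=1"),
    caddy_line(1700000091.0, "203.0.113.7", "GET", "/.auth?error=1", 200),
    caddy_line(1700009000.0, "192.0.2.9", "POST", "/.auth", 302, "/.auth?error=1"),    # lone failure, under maxretry
]

if __name__ == "__main__":
    for ts, host in matches(SAMPLE_LOG):
        print(f"{ts:.1f} failed auth from {host}")
    print("banned:", bans(SAMPLE_LOG))
```

Two things the run makes visible: the pattern matches both the 302 that carries `Location: /.auth?error=1` and the browser's follow-up GET of `/.auth?error=1`, so one wrong password produces two hits and the jail's effective maxretry is halved; and the successful login never matches because no `auth?error=1"` appears in its line. Before deploying, run the real `fail2ban-regex` against a slice of the live Caddy log to confirm the same hits.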

showgood163 commented 2 weeks ago

Thanks for the input. Will report back when I have time to test that.