Closed showgood163 closed 3 weeks ago
I just added a log message for this: "Authentication failed, redirecting to auth page"
Thanks. Could you make the log reflect the IP so that fail2ban can work?
I assumed it would be easy, but it seems surprisingly hard to determine the remote IP.
Alright, just take your time.
At this moment, I'm using this filter with Caddy in front of Silverbullet:
[Definition]
failregex = ^.*"remote_ip":"<HOST>",.*?auth\?error=1".*$
Since a bad authentication triggers a redirect to /.auth?error=1
.
I don't see why you would expose a password-protected Silverbullet instance without TLS termination. Caddy/Nginx etc will also take care of logging the IP address.
Thanks for the input. Will report back when I have time to test that.
Hi there,
I want to put my silverbullet instance on Internet for convenient access. Because I'm in an untrusted network environment, I want to record failed authentication in logs for fail2ban or other similar programs to identify and prevent abuses by banning IPs. However, with username-passward authencation enabled, I see no login failure in logs after I typed wrong username and password. Is there a way to record failed authentication in logs?