diff --git a/doc/examples/fail2ban.conf b/doc/examples/fail2ban.conf index 2c00872..7968ce0 100644 --- a/doc/examples/fail2ban.conf +++ b/doc/examples/fail2ban.conf @@ -2,11 +2,11 @@ [Definition] -failregex = ^INFO\s+Failed login attempt\s+{\"password\":\"(\\.|[^"])*\",\"remoteAddress\":\"\" +failregex = ^Failed login attempt\s+{\"remoteAddress\":\"\" # Use this instead for proxies (ensure the proxy is configured to send the # X-Forwarded-For header). -# failregex = ^INFO\s+Failed login attempt\s+{\"password\":\"(\\.|[^"])*\",\"xForwardedFor\":\"\" +# failregex = ^Failed login attempt\s+{\"xForwardedFor\":\"\" ignoreregex = diff --git a/doc/fail2ban.md b/doc/fail2ban.md index 18fbcfe..ce4b717 100644 --- a/doc/fail2ban.md +++ b/doc/fail2ban.md @@ -30,6 +30,6 @@ accessible from the internet (use localhost or block it in your firewall). ## Fail2Ban Fail2Ban allows for automatically banning and logging repeated failed authentication attempts for many applications through regex filters. A working -filter for code-server can be found in `./code-server.fail2ban.conf`. Once this +filter for code-server can be found in `./examples/fail2ban.conf`. Once this is installed and configured correctly, repeated failed login attempts should automatically be banned from connecting to your server.