From 938c6ef829544acae97f705b12c366f0aa3188ff Mon Sep 17 00:00:00 2001 From: Asher Date: Thu, 14 Nov 2019 11:14:27 -0600 Subject: [PATCH] Update fail2ban configuration Fixes #1177. --- doc/examples/fail2ban.conf | 4 ++-- doc/fail2ban.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/examples/fail2ban.conf b/doc/examples/fail2ban.conf index 2c00872..7968ce0 100644 --- a/doc/examples/fail2ban.conf +++ b/doc/examples/fail2ban.conf @@ -2,11 +2,11 @@ [Definition] -failregex = ^INFO\s+Failed login attempt\s+{\"password\":\"(\\.|[^"])*\",\"remoteAddress\":\"\" +failregex = ^Failed login attempt\s+{\"remoteAddress\":\"\" # Use this instead for proxies (ensure the proxy is configured to send the # X-Forwarded-For header). -# failregex = ^INFO\s+Failed login attempt\s+{\"password\":\"(\\.|[^"])*\",\"xForwardedFor\":\"\" +# failregex = ^Failed login attempt\s+{\"xForwardedFor\":\"\" ignoreregex = diff --git a/doc/fail2ban.md b/doc/fail2ban.md index 18fbcfe..ce4b717 100644 --- a/doc/fail2ban.md +++ b/doc/fail2ban.md @@ -30,6 +30,6 @@ accessible from the internet (use localhost or block it in your firewall). ## Fail2Ban Fail2Ban allows for automatically banning and logging repeated failed authentication attempts for many applications through regex filters. A working -filter for code-server can be found in `./code-server.fail2ban.conf`. Once this +filter for code-server can be found in `./examples/fail2ban.conf`. Once this is installed and configured correctly, repeated failed login attempts should automatically be banned from connecting to your server.