webtrees-docker icon indicating copy to clipboard operation
webtrees-docker copied to clipboard

Published 20 hours ago verified publisher icon NathanVaughn

Setting up fail2ban

Open shalak opened this issue 7 months ago • 2 comments

Hello!

Are there any guidelines on how to setup fail2ban for this deployment?

Unfortunatley, the apache log does not contain any 401 replies, and from the browser perspective, unsuccessful login attempt gets reply 200...

shalak avatar Dec 22 '23 22:12 shalak

I don't I'm afraid. I've never used fail2ban with Apache before. I would suggest making your own image based on this one that installs and configures it, using a sidecar container like https://hub.docker.com/r/linuxserver/fail2ban or putting a reverse proxy in front of webtrees that has fail2ban.

NathanVaughn avatar Dec 23 '23 16:12 NathanVaughn

fail2ban itself is not a problem, the issue is that apache does not produce "login failed" error.

The only idea that comes to my mind is a companion container, which will poll the db (via SELECT * FROM wt_log) and for matching log. Looks expensive :/

shalak avatar Dec 24 '23 01:12 shalak