fail2ban with owncloud works great! thank you!
I think that nethserver-fail2ban is ready to go to the stable release
mmm fail2ban has ban me without reasonâŠ(owncloud auth) tomorrow i will investigate⊠(could be my error)
Take a look to the maximum ban attempts (default is 3),which jails has banned (see the blacklist panel), the owncloud logs (/var/www/html/owncloud/data/owncloud.log)
You need also to look after the maximum find time (default is 10 minutes) maybe it is old bad attempts that fail2ban has found (if the server is not a test server)
i think itâs a problem with the owncloud app! âŠmore investigations neededâŠ
(i think is the android app)
You can have a look on the regex used in /etc/fail2ban/filter.d/owncloud.conf if you want to look on the failed attempt which trigger a ban
it log a failed login attemp but i donât know the reason⊠no sense
Can you write what is the failed login attempts, how many failed attempts have you had ?
2016-03-09 21:55:02,123 fail2ban.filter [14779]: INFO [owncloud-auth] Found 151.29.xxx.xxx
2016-03-09 21:55:02,151 fail2ban.filter [14779]: INFO [owncloud-auth] Found 151.29.xxx.xxx
2016-03-09 21:55:02,157 fail2ban.filter [14779]: INFO [owncloud-auth] Found 151.29.xxx.xxx
2016-03-09 21:55:02,552 fail2ban.filter [14779]: INFO [owncloud-auth] Found 151.29.xxx.xxx
2016-03-09 21:55:02,570 fail2ban.filter [14779]: INFO [owncloud-auth] Found 151.29.xxx.xxx
2016-03-09 21:55:02,601 fail2ban.filter [14779]: INFO [owncloud-auth] Found 151.29.xxx.xxx
2016-03-09 21:55:02,750 fail2ban.actions [14779]: NOTICE [owncloud-auth] Ban 151.29.xxx.xxx
2016-03-09 21:55:02,761 fail2ban.filter [14779]: INFO [recidive] Found 151.29.xxx.xxx
2016-03-09 21:55:03,217 fail2ban.actions [14779]: NOTICE [owncloud-auth] 151.29.xxx.xxx already banned
2016-03-09 21:55:13,564 fail2ban.filter [14779]: INFO [owncloud-auth] Found 5.90.170.x
2016-03-09 21:55:13,597 fail2ban.filter [14779]: INFO [owncloud-auth] Found 5.90.170.x
2016-03-09 21:55:13,698 fail2ban.filter [14779]: INFO [owncloud-auth] Found 5.90.170.x
2016-03-09 21:55:14,230 fail2ban.actions [14779]: NOTICE [owncloud-auth] Ban 5.90.170.x
2016-03-09 21:55:14,231 fail2ban.filter [14779]: INFO [recidive] Found 5.90.170.x
2016-03-09 22:55:03,543 fail2ban.actions [14779]: NOTICE [owncloud-auth] Unban 151.29.xxx.xxx
1 h bantime⊠the ip has changed because i switch off the wifi on the phone. With the android app i can download and see file on the cloud without problem so the password is ok.
UPDATE: the problem is the mobile app, if i delete the account and recreate it (on the app) the login is successful and i can enter in the cloud, download some file thenâŠbanâŠ
APP: Owncloud Official app
thanks, can you send me (in a good file attachments) the full log of
/var/www/html/owncloud/data/owncloud.log
/var/log/fail2ban.log
and the database of fail2ban
config show fail2ban
to stephdl at de-labrusse.fr
Fail2ban looks in the logs with a regex, if it can find something, it is because the regex matches what it was looking forâŠbut I have no explanations right now why.
done!
yes I have the logs, but I can see a lot of failed attempts on the user J⊠in the log of owncloud, you should open a bug on the owncloud app, fail2ban does what we ask
similar issue :
More info on failed login attempts in log file · Issue #10795 · owncloud/core · GitHub
@all how many are you to use the owncloud app, do you think that the owncloud jail should be disabled by default ?
i have used fail2ban on many owncloud server without problemâŠall owncloud > 7âŠtomorrow i will try to undestand better the problem
Indeed, can we move it on NethForge so everyone can install it?
I have limited free time actually and as a bad new the mtb season has started here. My son is recalling me all weekends.
Sure that more rpms could reach nethforge, these rpm http://mirror.de-labrusse.fr/nethserver/ and probably those on the dzoote mirror.
I have no access yet but I know it is a matter to send a ssh key. However either if I recreate a repository or I use nethforge I wonât reach a sustainable way of development as i would love.
The only interest I see with nethforge is that users wonât be hostages if I decide to shut down my repository
Isnât the best solution to integrate F2B by Stephane de Labrusse in NS like a module/package?
Of course if the two parts are agree! May we vote?
Why not? When Stephane thinks the package itâs ready, I can build it and put into the forge
It looks ready so you can move it, I think.