| This manual is deprecated. Please visit https://groupoffice.readthedocs.io for the latest documentation. |
Difference between revisions of "Fail2ban"
From Group-Office Groupware and CRM Documentation
(Created page with "With fail2ban you can enhance the security of Group-Office. When a user logs in Group-Office writes log message to /home/groupoffice/log/info.log (or wherever your file_storage_p...") |
|||
| (3 intermediate revisions by the same user not shown) | |||
| Line 7: | Line 7: | ||
</pre> | </pre> | ||
| − | Create the Group-Office script /etc/fail2ban/filter.d/ | + | Create the Group-Office script /etc/fail2ban/filter.d/groupoffice.conf: |
<pre> | <pre> | ||
# Fail2Ban configuration file | # Fail2Ban configuration file | ||
| − | |||
# | # | ||
| − | |||
# Group-Office | # Group-Office | ||
| − | |||
# | # | ||
| − | |||
| − | |||
[Definition] | [Definition] | ||
| − | |||
| − | |||
failregex = .*LOGIN FAILED for user: .* from IP: <HOST> | failregex = .*LOGIN FAILED for user: .* from IP: <HOST> | ||
| − | |||
| − | |||
ignoreregex = | ignoreregex = | ||
| Line 34: | Line 25: | ||
<pre> | <pre> | ||
[groupoffice] | [groupoffice] | ||
| − | |||
| − | |||
enabled = true | enabled = true | ||
| − | |||
port = http,https | port = http,https | ||
| − | |||
filter = groupoffice | filter = groupoffice | ||
| − | |||
logpath = /home/groupoffice/log/info.log | logpath = /home/groupoffice/log/info.log | ||
| − | |||
maxretry = 3 | maxretry = 3 | ||
</pre> | </pre> | ||
| + | |||
| + | |||
| + | Edit the Group-Office config.php file and add: | ||
| + | |||
| + | <pre> | ||
| + | $config['info_log']='/home/groupoffice/log/info.log'; | ||
| + | </pre> | ||
| + | |||
| + | |||
| + | ===Mail server=== | ||
| + | If you use the Group-Office mailserver it's also recommended to enable sasl, dovecot and postfix filters. | ||
Latest revision as of 09:36, 16 April 2014
With fail2ban you can enhance the security of Group-Office. When a user logs in Group-Office writes log message to /home/groupoffice/log/info.log (or wherever your file_storage_path is). fail2ban analyzes this file and when someone enters a number of wrong passwords it will block the IP address using IPtables.
To install fail2ban on debian enter:
apt-get install fail2ban
Create the Group-Office script /etc/fail2ban/filter.d/groupoffice.conf:
# Fail2Ban configuration file # # Group-Office # [Definition] failregex = .*LOGIN FAILED for user: .* from IP: <HOST> ignoreregex =
Edit jail.conf and add:
[groupoffice] enabled = true port = http,https filter = groupoffice logpath = /home/groupoffice/log/info.log maxretry = 3
Edit the Group-Office config.php file and add:
$config['info_log']='/home/groupoffice/log/info.log';
Mail server
If you use the Group-Office mailserver it's also recommended to enable sasl, dovecot and postfix filters.
