I use owncloud like the Instructions from Owncloud 8 and MySQL: alternative approach
Can i use fail2ban with thes and how can i use?
EDIT:
I have found a solution and i will write down here
I use owncloud like the Instructions from Owncloud 8 and MySQL: alternative approach
Can i use fail2ban with thes and how can i use?
EDIT:
I have found a solution and i will write down here
You need a working Owncloud like the guid from Owncloud 8 and MySQL: alternative approach
and the fail2ban plugin.
I have test it with owncloud 8.0.4 and 8.1 but it is for 8.2 too
for owncloud 8.1 the lines in the owncloud.conf:
copy for owncloud 8.0.x the lines in the owncloud.conf:
it is different to owncloud 7
you can test the jail on your omv system with:
Hi, i try to configue file2ban with you guide, but have some troubles.
File: /etc/fail2ban/jail.conf
chain = INPUTaction_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(c$action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%$%(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", cha$action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="$%(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, $action = %(action_mwl)s[owncloud]enabled = yesport = 80, 443filter = owncloudlogpath = /var/log/owncloud.logbantime = 3600maxretry = 3
owncloud.conf
owncloud config.php
file2ban.log
owncloud.log
{"reqId":"p1S\/cQhXxUG8AZty7VYL","remoteAddr":"::ffff:192.168.20.143","app":"core","message":"Login failed: 'dfgfdg' (Remote IP: '::ffff:192.168.20.143)","leve$
{"reqId":"JqOjJ9w34+XBV8QdctMq","remoteAddr":"::ffff:192.168.20.143","app":"core","message":"Login failed: 'dfgfdg' (Remote IP: '::ffff:192.168.20.143)","level$
{"reqId":"w80\/RpVvyZ1USK\/Y\/cXq","remoteAddr":"::ffff:192.168.20.143","app":"core","message":"Login failed: 'dfgfdgjghjg' (Remote IP: '::ffff:192.168.20.143)$
{"reqId":"NnnhtzAlyTsiRcVJ9\/li","remoteAddr":"::ffff:192.168.20.143","app":"core","message":"Login failed: 'dfgfdgjghjg' (Remote IP: '::ffff:192.168.20.143)",$
{"reqId":"1L2jcXZPO1yGWPHVTmZs","remoteAddr":"::ffff:192.168.20.143","app":"core","message":"Login failed: 'dfgfdgjghjgertert' (Remote IP: '::ffff:192.168.20.1$
{"reqId":"F+061eL29K2t\/HLuxO6W","remoteAddr":"::ffff:192.168.20.143","app":"core","message":"Login failed: 'dfgfdgjghjgertert' (Remote IP: '::ffff:192.168.20.$
{"reqId":"XErrVvzPEGUMfAgEkH1Q","remoteAddr":"::ffff:192.168.20.143","app":"core","message":"Login failed: 'dfgfdgjghjgertert' (Remote IP: '::ffff:192.168.20.1$
and test of fail2ban
PLS help me to configue fail2ban plugin
how version of owncloud do you use?
ownCloud 8.1.0 (stable)
sorry, i don't test fail2ban with owncloud 8.1. I have other errors in owncloud 8.1 and i down't know to fix it (see Owncloud 8 and MySQL: alternative approach )
I need a Fail2Ban guide for OC v8.1.0.
Thanks 'happyreacer'.
I'll try it out tonight.
I wish you success
I tested new regex, and it work, but fail2ban dont blocking IP-s with fail logins
Status
|- Number of jail: 1
`- Jail list: owncloud
Status for the jail: owncloud
|- filter
| |- File list: /var/log/owncloud.log
| |- Currently failed: 2
| `- Total failed: 22
`- action
|- Currently banned: 0
| `- IP list:
`- Total banned: 0
================================================================================
= OS/Debian information
================================================================================
Distributor ID: debian
Description: Debian GNU/Linux 7 (wheezy)
Release: 7.8
Codename: wheezy
================================================================================
= OpenMediaVault information
================================================================================
Release: 2.1.1
Codename: Stone burner
max retry: 3
ban time: 3600
@grekazrail please give me a feedback
ok, i try to login via web gui, insert many times, more than 10 whith pause in 5-10sec. In log
Status
|- Number of jail: 1
`- Jail list: owncloud
Status for the jail: owncloud
|- filter
| |- File list: /var/log/owncloud.log
| |- Currently failed: 2
| `- Total failed: 25
`- action
|- Currently banned: 1
| `- IP list: 192.168.20.143
`- Total banned: 1
I see that Currently failed dont changes more then 2, and total failed is +1 avery times when i failed login/
And, |- Currently banned: 1| `- IP list: 192.168.20.143`- Total banned: 1 - this IP of my host, but I can access to owncloud web gui logon page every time
ok, may be its work, but I can access to owncloud web gui from banned IP.
May be I must write something to iptables?
Don’t have an account yet? Register yourself now and be a part of our community!