prosody-modules
fe081789f7b5
mod_log_auth/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Comparison

mod_log_auth/README.md @ 6003:fe081789f7b5

All community modules: Unify file extention of Markdown files to .md
author Menel <menel@snikket.de>
date Tue, 22 Oct 2024 10:26:01 +0200 (5 months ago)
parent 2347:mod_log_auth/README.markdown@a47520a2c59d
comparison
equal deleted inserted replaced
6002:5a65a632d5b9 6003:fe081789f7b5
1 ---
2 labels:
3 - 'Stage-Stable'
4 summary: Log failed authentication attempts with their IP address
5 ...
6
7 Introduction
8 ============
9
10 Prosody doesn't write IP addresses to its log file by default for
11 privacy reasons (unless debug logging is enabled).
12
13 This module enables logging of the IP address in a failed authentication
14 attempt so that those trying to break into accounts for example can be
15 blocked.
16
17 fail2ban configuration
18 ======================
19
20 fail2ban is a utility for monitoring log files and automatically
21 blocking "bad" IP addresses at the firewall level.
22
23 With this module enabled in Prosody you can use the following example
24 configuration for fail2ban:
25
26 # /etc/fail2ban/filter.d/prosody-auth.conf
27 # Fail2Ban configuration file for prosody authentication
28 [Definition]
29 failregex = Failed authentication attempt \(not-authorized\) for user .* from IP: <HOST>
30 ignoreregex =
31
32 And at the appropriate place (usually the bottom) of
33 /etc/fail2ban/jail.conf add these lines:
34
35 [prosody]
36 enabled = true
37 port = 5222
38 filter = prosody-auth
39 logpath = /var/log/prosody/prosody*.log
40 maxretry = 6
41
42 Compatibility
43 -------------
44
45 ------- --------------
46 trunk Works
47 0.9 Works
48 0.8 Doesn't work
49 ------- --------------