prosody-modules
807007913f67
mod_log_auth/README.markdown
Software / code / prosody-modules
File
mod_log_auth/README.markdown @ 4974:807007913f67
mod_log_json: Prefer native Lua table.pack over Prosody util.table one
Prosody is removing support for Lua 5.1, which was the reason for
util.table.pack to exist in the first place, since Lua 5.2+ provides
table.pack. In prosody rev 5eaf77114fdb everything was switched over to
use table.pack, opening the door for removing util.table.pack at some
point. This change here is to prepare for that future eventuality.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 11 Jul 2022 20:08:41 +0200 |
| parent | 2347:a47520a2c59d |
line wrap: on
line source
--- labels: - 'Stage-Stable' summary: Log failed authentication attempts with their IP address ... Introduction ============ Prosody doesn't write IP addresses to its log file by default for privacy reasons (unless debug logging is enabled). This module enables logging of the IP address in a failed authentication attempt so that those trying to break into accounts for example can be blocked. fail2ban configuration ====================== fail2ban is a utility for monitoring log files and automatically blocking "bad" IP addresses at the firewall level. With this module enabled in Prosody you can use the following example configuration for fail2ban: # /etc/fail2ban/filter.d/prosody-auth.conf # Fail2Ban configuration file for prosody authentication [Definition] failregex = Failed authentication attempt \(not-authorized\) for user .* from IP: <HOST> ignoreregex = And at the appropriate place (usually the bottom) of /etc/fail2ban/jail.conf add these lines: [prosody] enabled = true port = 5222 filter = prosody-auth logpath = /var/log/prosody/prosody*.log maxretry = 6 Compatibility ------------- ------- -------------- trunk Works 0.9 Works 0.8 Doesn't work ------- --------------
