Fail2Ban and CMSMS

The place to talk about things that are related to CMS Made simple, but don't fit anywhere else.
Post Reply
jackstringer
Forum Members
Forum Members
Posts: 42
Joined: Sun May 02, 2010 3:54 pm

Fail2Ban and CMSMS

Post by jackstringer »

Anyone willing to share the jail and filter settings for Fail2Ban and CMSMS?

Have just updated my VPS and would like to add a jail etc to protect the login for CMSMS. I have done this before but I failed to keep my notes on it and REGEX just makes my brain bleed at times.
User avatar
velden
Dev Team Member
Dev Team Member
Posts: 3483
Joined: Mon Nov 28, 2011 9:29 am
Location: The Netherlands

Re: Fail2Ban and CMSMS

Post by velden »

In our #cms channel in Slack I once posted a simple UDT to get the failed logins logged in the error_log.
The needed regex for Fail2Ban hasn't been shared unfortunately that time.
...
But you can create a udt to do so and attach it to the LoginFailed event

Code: Select all

error_log('CMSMSLOGINFAILED ' . \cms_utils::get_real_ip());
Result in the error log:

Code: Select all

[02-Nov-2020 21:22:21 Europe/Amsterdam] CMSMSLOGINFAILED xx.xx.7.112
jackstringer
Forum Members
Forum Members
Posts: 42
Joined: Sun May 02, 2010 3:54 pm

Re: Fail2Ban and CMSMS

Post by jackstringer »

I haven't tested it much yet but a filter of CMSMSLOGINFAILED might be enough.
Post Reply

Return to “The Lounge”