Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##### configure fail2ban for nextcloud #####
- ## install fail2ban ##
- apt-get update
- apt-get install fail2ban
- ## edit nextcloud config.php ##
- nano /var/www/nextcloud/config/config.php
- 'log_type' => 'file',
- 'logtimezone' => 'Europe/Berlin',
- 'logfile' => '/var/log/nextcloud.log',
- 'loglevel' => 2,
- 'syslog_tag' => 'Nextcloud',
- ## prepare logfile ##
- touch /var/log/nextcloud.log
- chown -R www-data:www-data /var/log/nextcloud.log
- chmod -R 755 /var/log/nextcloud.log
- ## create the Nextcloud-filter ##
- nano /etc/fail2ban/filter.d/nextcloud.conf
- [Definition]
- failregex=^{"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)","level":2,"time":".*"}$
- ^{"reqId":".*","level":2,"time":".*","remoteAddr":".*","user,:".*","app":"no app in context".*","method":".*","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)".*}$
- ^{"reqId":".*","level":2,"time":".*","remoteAddr":".*","user":".*","app":".*","method":".*","url":".*","message":"Login failed: .* \(Remote IP: <HOST>\).*}$
- ## create new jail ##
- nano /etc/fail2ban/jail.d/nextcloud.local
- [nextcloud]
- backend = auto
- enabled = true
- port = 80,443
- protocol = tcp
- filter = nextcloud
- maxretry = 3
- bantime = 36000
- findtime = 36000
- logpath = /var/log/nextcloud.log
- ## restart fail2ban ##
- service fail2ban restart
- ## test fail2ban ##
- fail2ban-client status
- fail2ban-regex /var/log/nextcloud.log /etc/fail2ban/filter.d/nextcloud.conf
- => "macthed" should be ≠ 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement