I’m looking for a way to detect multiple wrong attempts to log into my instance. I checked the logs but couldn’t find anything. My point is to add a rule about this to my fail2ban.
Any clue please?
I think mastodon has built in few rules regarding this as per adding firewall rules it already there if you installed via following this guide.
As per seeing the log Fail2ban may record ip in database so you can check out database for that not sure
Looking Online for Fail2ban guide
You can set Email when its triggered and Also install its client to see the stats
Hope this help you with your query
has some ideas how to apply fail2ban to web server logs. Probably it could be done by watching entries with 403 error code and without a valid username. Couldn’t check on my own instance. There are maybe 403 errors coming from other clients/other implementations, I am not sure that all 403 error should be counted equally.
But some quick analysis of your 403 errors in the log should give some answers.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.