
Fail2Ban with Admin plugin

admin

Started by Arthur 4 years ago · 5 replies · 525 views
4 years ago

Hello,

I would like to use fail2ban to block access to IPs that attempt too many times to log in with a wrong username/password. But I cannot find the logfile in which the failed log-in attempts are logged.
Can someone help me locate this logfile (or maybe enable it)?

Best regards
Arthur

4 years ago

@Arthur, I noticed folder /cache/login/login_attempts/ has been created which contains entries for each of my failed attempts. But I'm not sure about the meaning of all these entries or what conclusions you may draw from them.

If no one else here on the forum knows for sure, you might try the devs themselves at https://github.com/getgrav/grav-plugin-login

last edited 03/08/22 by pamtbaau
4 years ago

Thank you @pamtbaau
I've contacted the developer teams and I will post here the results if I reach a solution.

Best regards

1 year ago

Hello @Arthur, did you find a way to jail the Grav Admin logins with Fail2Ban?
Unfortunately, there is no response to your issue opened on GitHub on Mar 8, 2022
https://github.com/getgrav/grav-plugin-login/issues/291
I would also like to protect the Grav login.
Thanks and regards
joejac

1 year ago

Hello again @Arthur
I found in Grav documentation this feature:

"Brute force attacks are a popular choice for website intruders. It could come in the form of someone you know trying to guess your password over and over until they are finally successful or a bot flooding your site with login attempts until eventually the password has been discovered.

Grav's flood protection (also known as rate limiting) feature makes these kinds of attacks exceptionally difficult. It allows you to set a number of failed login attempts within a specific amount of time before the account gets temporarily locked out. Additionally, you can restrict the amount of password reset requests applied to accounts before locking this feature out."
https://learn.getgrav.org/17/admin-panel/security/rate-limiting

In the Login plugin, in the Security tab, it has, by default:
5 login attempts
10 minutes lock after 5 failed login attempts.
These values are configurable.
I tested it and it works fine. I think this feature is enough; it resembles Fail2ban.

Hope this can help.
Regards.

👍 1
last edited 05/27/25 by Jose
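The policy joejac describes (5 failed attempts, then a 10-minute lock) is modelled below as an added example; it is not the Login plugin's own code and does not reproduce Grav's internals. Note the difference from Fail2ban that the quoted documentation implies: the lock is applied per account, not per source IP, so a locked account rejects even a correct password until the window expires, while other accounts are unaffected. The class and function names, and the replayed events, are constructed for illustration.

```python
from collections import defaultdict, deque

# Defaults quoted in the thread from the Login plugin's Security tab.
MAX_ATTEMPTS = 5
INTERVAL_SECONDS = 10 * 60  # 10-minute lockout window


class AccountRateLimiter:
    """Per-account flood protection (hypothetical model): once MAX_ATTEMPTS
    failures fall inside INTERVAL_SECONDS, the account stays locked until the
    oldest counted failure ages out of the window."""

    def __init__(self, max_attempts=MAX_ATTEMPTS, interval=INTERVAL_SECONDS):
        self.max_attempts = max_attempts
        self.interval = interval
        self._failures = defaultdict(deque)  # account -> failure timestamps

    def _prune(self, account, now):
        # Drop failures that are older than the window.
        q = self._failures[account]
        while q and now - q[0] >= self.interval:
            q.popleft()

    def is_locked(self, account, now):
        self._prune(account, now)
        return len(self._failures[account]) >= self.max_attempts

    def record_failure(self, account, now):
        self._prune(account, now)
        self._failures[account].append(now)

    def record_success(self, account):
        # A successful login clears the counter for that account.
        self._failures.pop(account, None)


def simulate(events, limiter=None):
    """Replay constructed (timestamp, account, password_ok) events and return
    one decision per event: 'locked', 'failed' or 'ok'. While locked, the
    password is not checked at all, so a locked account cannot be used to
    extend its own lock."""
    limiter = limiter or AccountRateLimiter()
    decisions = []
    for t, account, password_ok in events:
        if limiter.is_locked(account, t):
            decisions.append("locked")
        elif password_ok:
            limiter.record_success(account)
            decisions.append("ok")
        else:
            limiter.record_failure(account, t)
            decisions.append("failed")
    return decisions
```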
1 year ago

Hello @joejac
Thank you for your answer. I didn't pursue the attempts to protect the Grav Admin login with Fail2Ban much further.
I also didn't know about the flood protection integrated in the login plugin, but I'm really happy that it was there all this time (and thank you again for showing it to me).

👍 2
