Has anyone implemented the logging of failed login attempts (with source IP address) in Postfix Admin? Optimally this would be directly to a file, not to the DB as I am hoping to use Fail2Ban to ban IPs who are executing brute-force attacks again Postfix Admin. Thanks.
-Chris
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
GingerDog, thank you for the quick reply. That is one way of approaching the problem and I may end up having to do that. I was hoping Postfix Admin could log authentications to a log file, so that i could clearly differentiate login failures from successes.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Has anyone implemented the logging of failed login attempts (with source IP address) in Postfix Admin? Optimally this would be directly to a file, not to the DB as I am hoping to use Fail2Ban to ban IPs who are executing brute-force attacks again Postfix Admin. Thanks.
-Chris
You could presumably just do it from the Apache log - look for more than a reasonable number of POST requests to the PFA URL - similar to how this fail2ban ruleset works - http://codepoets.co.uk/2013/fail2ban-filter-for-wordpress/
GingerDog, thank you for the quick reply. That is one way of approaching the problem and I may end up having to do that. I was hoping Postfix Admin could log authentications to a log file, so that i could clearly differentiate login failures from successes.