logging failed login attempts

Chris H.
2013-04-17
2013-04-18
  • Chris H.

    Chris H. - 2013-04-17

    Has anyone implemented the logging of failed login attempts (with source IP address) in Postfix Admin? Optimally this would be directly to a file, not to the DB as I am hoping to use Fail2Ban to ban IPs who are executing brute-force attacks again Postfix Admin. Thanks.

    -Chris

     
  • GingerDog

    GingerDog - 2013-04-17

    You could presumably just do it from the Apache log - look for more than a reasonable number of POST requests to the PFA URL - similar to how this fail2ban ruleset works - http://codepoets.co.uk/2013/fail2ban-filter-for-wordpress/

     
    • Chris H.

      Chris H. - 2013-04-18

      GingerDog, thank you for the quick reply. That is one way of approaching the problem and I may end up having to do that. I was hoping Postfix Admin could log authentications to a log file, so that i could clearly differentiate login failures from successes.

       

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks