From b5afd2a21d1359c631e3facdb32537564fad7e3d Mon Sep 17 00:00:00 2001 From: Philipp Holzer Date: Mon, 7 Jan 2019 21:08:09 +0100 Subject: [PATCH] change regex for fail2ban --- doc/tools.md | 2 +- src/Core/Logger.php | 8 +++----- src/Module/Login.php | 2 +- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/doc/tools.md b/doc/tools.md index cb6aa1c3a..8746e9c15 100644 --- a/doc/tools.md +++ b/doc/tools.md @@ -56,7 +56,7 @@ In */etc/fail2ban/jail.local* create a section for Friendica: And create a filter definition in */etc/fail2ban/filter.d/friendica.conf*: [Definition] - failregex = ^.*Login\.php.*failed login attempt.*from IP .*$ + failregex = ^.*authenticate\: failed login attempt.*\"ip\"\:\"\".*$ ignoreregex = Additionally you have to define the number of failed logins before the ban should be activated. diff --git a/src/Core/Logger.php b/src/Core/Logger.php index c44ccc968..0bf699575 100644 --- a/src/Core/Logger.php +++ b/src/Core/Logger.php @@ -323,21 +323,19 @@ class Logger extends BaseObject * @brief Logs the given message at the given log level * * @param string $msg - * @param int $level + * @param string $level * * @throws \Exception * @deprecated since 2019.03 Use Logger::debug() Logger::info() , ... instead */ - public static function log($msg, $level = 3) + public static function log($msg, $level = LogLevel::INFO) { if (!isset(self::$logger)) { return; } - $loglevel = self::mapLegacyDebugLevel($level); - $stamp1 = microtime(true); - self::$logger->log($loglevel, $msg); + self::$logger->log($level, $msg); self::getApp()->saveTimestamp($stamp1, "file"); } diff --git a/src/Module/Login.php b/src/Module/Login.php index 516a05df5..d7daf2887 100644 --- a/src/Module/Login.php +++ b/src/Module/Login.php @@ -148,7 +148,7 @@ class Login extends BaseModule ); } } catch (Exception $e) { - Logger::notice('authenticate: failed login attempt', ['username' => Strings::escapeTags($username), 'ip' => $_SERVER['REMOTE_ADDR']]); + Logger::notice('authenticate: failed login attempt', ['action' => 'login', 'username' => Strings::escapeTags($username), 'ip' => $_SERVER['REMOTE_ADDR']]); info('Login failed. Please check your credentials.' . EOL); $a->internalRedirect(); }