From 0d7c650b3b59d8a7bbc47135975f040c832e04c0 Mon Sep 17 00:00:00 2001
From: Paul Martin <paul@paulsputer.com>
Date: Sun, 25 Oct 2015 12:12:32 -0400
Subject: [PATCH] Log update for Fail2Ban usage

---
 src/site/setup_fail2ban.mkd | 14 +++++++++-----
 1 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/site/setup_fail2ban.mkd b/src/site/setup_fail2ban.mkd
index 928f7a8..c735968 100644
--- a/src/site/setup_fail2ban.mkd
+++ b/src/site/setup_fail2ban.mkd
@@ -1,20 +1,24 @@
 ## Configure fail2ban for Gitblit-SSH
 
-This procedure is based on a Debian installation of [fail2ban](http://www.fail2ban.org/), but it should works in any installation.
+This procedure uses [fail2ban](http://www.fail2ban.org/).
 
-First, create a new filter file `gitblit.conf` in filter directory (Debian: `/etc/fail2ban/filter.d/`) or into `filter.conf` file. Here an example:
+First, create a new filter file `gitblit.conf` in filter directory (Debian/CentOS: `/etc/fail2ban/filter.d/`) or into `filter.conf` file. Here is an example:
 
 [Definition]
- failregex = could not authenticate .*? \(/<HOST>:[0-9]*\) for SSH using the supplied password$
+ failregex = Failed login attempt for .+, invalid credentials from <HOST>\s*$
+ could not authenticate .*? \(/<HOST>:[0-9]*\) for SSH using the supplied password$
 ignoreregex =
 
 Then edit `jail.conf` to add "gitblit" service (Debian: `/etc/fail2ban/jail.conf`). For example:
 
 [gitblit]
 enabled = true
- port = 22
+ port = 443,29418
 protocol = tcp
 filter = gitblit
 logpath = /var/log/gitblit.log
 
-Restart fail2ban to apply (Debian: `/etc/init.d/fail2ban restart`).
+
+Reload fail2ban config to apply (`fail2ban-client reload`).
+
+Check the status of the gitblit fail2ban jail with `fail2ban-client status gitblit`
-- 
Gitblit v1.9.1