From e69804d4001796a49476089bcbe8f67c3c700497 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gmail.com>
Date: Mon, 26 Oct 2015 15:09:25 -0400
Subject: [PATCH] Merge pull request #947 from paulsputer/LogUpdateForAllAuthentication

---
 src/site/setup_fail2ban.mkd |   14 +++++++++-----
 1 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/site/setup_fail2ban.mkd b/src/site/setup_fail2ban.mkd
index 928f7a8..c735968 100644
--- a/src/site/setup_fail2ban.mkd
+++ b/src/site/setup_fail2ban.mkd
@@ -1,20 +1,24 @@
 ## Configure fail2ban for Gitblit-SSH
 
-This procedure is based on a Debian installation of [fail2ban](http://www.fail2ban.org/), but it should works in any installation.
+This procedure uses [fail2ban](http://www.fail2ban.org/).
 
-First, create a new filter file `gitblit.conf` in filter directory (Debian: `/etc/fail2ban/filter.d/`) or into `filter.conf` file. Here an example:
+First, create a new filter file `gitblit.conf` in filter directory (Debian/CentOS: `/etc/fail2ban/filter.d/`) or into `filter.conf` file. Here is an example:
 
     [Definition]
-    failregex = could not authenticate .*? \(/<HOST>:[0-9]*\) for SSH using the supplied password$
+    failregex =  Failed login attempt for .+, invalid credentials from <HOST>\s*$
+                 could not authenticate .*? \(/<HOST>:[0-9]*\) for SSH using the supplied password$
     ignoreregex =
 
 Then edit `jail.conf` to add "gitblit" service (Debian: `/etc/fail2ban/jail.conf`). For example:
 
     [gitblit]
     enabled = true
-    port = 22
+    port = 443,29418
     protocol = tcp
     filter = gitblit
     logpath = /var/log/gitblit.log
 
-Restart fail2ban to apply (Debian: `/etc/init.d/fail2ban restart`).
+
+Reload fail2ban config to apply (`fail2ban-client reload`).
+
+Check the status of the gitblit fail2ban jail with `fail2ban-client status gitblit`

--
Gitblit v1.9.1