A Kimai 2 plugin that logs an error message for every failed login attempt to a dedicated logfile.
This logfile can be analyzed by fail2ban to block access and prevent authentication attacks.
First clone it into the plugins directory of your Kimai installation:
```bash
cd /kimai/var/plugins/
git clone https://github.com/Keleo/Fail2BanBundle.git
```
And then rebuild the cache:
```bash
cd /kimai/
bin/console cache:clear
bin/console cache:warmup
```
You could also download it as a zip and upload the directory via FTP:
```
/kimai/var/plugins/
├── Fail2BanBundle
│   ├── Fail2BanBundle.php
│   └── ... more files and directories follow here ...
```
You should know how to use and configure fail2ban; we cannot help with that part!
Having said that, here are some possible rules for your fail2ban configuration.
First the Kimai-specific filter:
```ini
# /etc/fail2ban/filter.d/kimai2.conf
[Definition]
failregex = fail2ban.ERROR: <HOST> \[.*\] \[.*\]$
```
And the additional jail.local for Kimai2:
```ini
# /etc/fail2ban/jail.local
[kimai2]
enabled = true
filter = kimai2
logpath = /var/www/kimai2/var/log/fail2ban.log
port = http,https
bantime = 600
banaction = iptables-multiport
maxretry = 3
```
Now touch the file to make sure it exists:
```bash
touch /var/www/kimai2/var/log/fail2ban.log
```
- Bundle inspired by this blog entry
- Thanks also to @BeckeBauer for the idea and the initial try
- Find config documentation in the fail2ban wiki