Added Fail2ban instructions

This commit is contained in:
djmaze 2020-07-29 11:29:59 +02:00
parent 07fd143853
commit bc79a4f5b1
6 changed files with 63 additions and 0 deletions


@ -35,6 +35,7 @@ This fork has the following changes:
* Privacy/GDPR friendly (no: Social, Gravatar, Facebook, Google, Twitter, DropBox, OwnCloud, X-Mailer)
* Admin uses password_hash/password_verify
* Auth failed attempts written to syslog
* Added Fail2ban instructions
* ES2015 (removed polyfills and Modernizr)
* PHP 7.3+ required
* PHP mbstring extension required

fail2ban/README.md Normal file

@ -0,0 +1,39 @@
# Fail2ban Instructions
This modified version of RainLoop logs to the system (when syslog works in PHP).
If you use other ports then http, https & 2096, modify them in /filter.d/*.conf
## Systemd journal PHP-FPM
Upload the following to /etc/fail2ban/*
- /filter.d/rainloop-fpm-journal.conf
- /jail.d/rainloop-fpm-journal.conf
Modify your /etc/fail2ban/jail.local with:
<code>[rainloop-fpm-journal]<br/>
enabled = true</code>
## Default log (not recommended)
Modify /PATH-TO-RAINLOOP-DATA/_data_/_default_/configs/application.ini
<code>[logs]<br/>
auth_logging = On<br/>
auth_logging_filename = "fail2ban/auth-fail.log"<br/>
auth_logging_format = "[{date:Y-m-d H:i:s T}] Auth failed: ip={request:ip} user={imap:login} host={imap:host} port={imap:port}"
</code>
Modify the path in /jail.d/rainloop-log.conf
Upload the following to /etc/fail2ban/*
- /filter.d/rainloop-log.conf
- /jail.d/rainloop-log.conf
Modify your /etc/fail2ban/jail.local with:
<code>[rainloop-log]<br/>
enabled = true</code>
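
Review bot: The README's second sentence sends readers to /filter.d/*.conf to change ports, but the filter files in this commit contain no port setting. `port = http,https,2096` is in the two /jail.d/*.conf files, so the path should read /jail.d/*.conf. In the same sentence "then" should be "than", and it would help to say what 2096 is for, since it sits next to http and https without explanation. The `<code>...<br/>` snippets would be easier to copy as fenced code blocks.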


@ -0,0 +1,8 @@
[INCLUDES]
before = common.conf
[Definition]
failregex = Auth failed: ip=<HOST> user=.*$
ignoreregex =
_daemon = php-fpm
journalmatch = _SYSTEMD_UNIT=php-fpm.service SYSLOG_FACILITY=10
#journalmatch = _SYSTEMD_UNIT=php-fpm.service SYSLOG_FACILITY=10 SYSLOG_IDENTIFIER=rainloop PRIORITY=3
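
Review bot: `_daemon = php-fpm` is set and common.conf is included, but the failregex never uses the prefix that `_daemon` feeds, and the expression has no `^` anchor, so it matches `Auth failed: ip=` anywhere inside a php-fpm journal entry on facility 10. Either anchor the expression on the prefix (`^%(__prefix_line)sAuth failed: ip=<HOST> user=`) or drop `_daemon`. Note also that `_daemon` says php-fpm while the commented-out journalmatch expects `SYSLOG_IDENTIFIER=rainloop`; those two should agree. The commented-out journalmatch is the narrower of the two. If it works it should be the active one, and if it does not, a comment saying why would help.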


@ -0,0 +1,5 @@
[INCLUDES]
#before = common.conf
[Definition]
failregex = Auth failed: ip=<HOST> user=.* host=.* port=.*$
ignoreregex =
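
Review bot: The failregex is unanchored and runs `.*` across `user=`, which according to the auth_logging_format in the README is filled from the login the client submitted. Only the address is needed for the ban, so the expression can be anchored at the start of the message and end at a literal ` user=` right after `<HOST>`, which keeps client-supplied text out of the match. The `[INCLUDES]` section holds only a commented-out `before = common.conf`; remove the section or add a comment saying why it is kept.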


@ -0,0 +1,5 @@
[rainloop-fpm-journal]
filter = rainloop-fpm-journal
port = http,https,2096
backend = systemd
maxretry = 3
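
Review bot: The jail sets `maxretry = 3` but neither `findtime` nor `bantime`, so the counting window and the ban length come from the host's [DEFAULT] section and will differ between installs. Set both here, or have the README state that the site defaults apply, so an admin knows what three failures actually lead to.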


@ -0,0 +1,5 @@
[rainloop-log]
filter = rainloop-log
port = http,https,2096
logpath = /PATH-TO-RAINLOOP-DATA/_data_/_default_/logs/fail2ban/auth-fail.log
maxretry = 3
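
Review bot: `logpath` ships with the literal placeholder /PATH-TO-RAINLOOP-DATA/, so enabling `[rainloop-log]` in jail.local before editing this file points the jail at a file that does not exist. The README mentions the edit, but a comment line directly above `logpath` saying it must be changed would catch anyone who copies the file first. The path also has to match the `auth_logging_filename = "fail2ban/auth-fail.log"` value from the README, which is worth stating next to it.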