Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    Kopano Webapp reverse Proxy Fail2Ban integration

    Kopano WebApp
    2
    3
    248
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Former User
      A Former User last edited by

      Hello,
      we run the Kopan webapp and also Z-Push behind an Apache reverse proxy. Now I want to secure the Webapp and also Z-Push with Fail2Ban. The Apache proxy generates the correct http header “X-Forwarded-For”.
      With this logging setting

      "CustomLog /path/to/logs/access_log "%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\" \"[XF %{X-Forwarded-For}i]\""
      

      the Apache web server on Kopano server logs the “X-Forwarded-For” headers in the Apache access log. But login errors of the WebApp are logged in error_log by Apache.
      Unfortunately Fail2Ban need the login error and the correct IP address in one log file.
      Question: How do I get the WebApp login errors into the Apache access log?

      I am grateful for any help.

      1 Reply Last reply Reply Quote 0
      • sebschremser
        sebschremser last edited by

        Hi @WalterHof

        I am also setting up an fail2ban environment behind an apache reverse proxy.

        In my apache.error.log I have all infos fail2ban needs.
        example line:

        [Wed Sep 16 10:44:08.987810 2020] [:error] [pid 24475] [client 12.34.56.78:40378] Kopano WebApp user: <user>: authentication failure at MAPI, referer: https://kopano.example.com/webapp/?logon
        

        Simply configure fail2ban to look for the error.log and not the access.log. Or am i missing something?

        Do you set up fail2ban on the Kopano Server or on the Revproxy?

        Kind regards
        Basti

        1 Reply Last reply Reply Quote 0
        • A Former User
          A Former User last edited by

          Hi,

          I run fail2ban on the kopano server. My reverse proxy is an Apache2 so I have external IPs in error log on kopano server.

          Walter

          1 Reply Last reply Reply Quote 0
          • First post
            Last post