Kopano Webapp reverse Proxy Fail2Ban integration

A Former User

Hello,
we run the Kopan webapp and also Z-Push behind an Apache reverse proxy. Now I want to secure the Webapp and also Z-Push with Fail2Ban. The Apache proxy generates the correct http header “X-Forwarded-For”.
With this logging setting

"CustomLog /path/to/logs/access_log "%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\" \"[XF %{X-Forwarded-For}i]\""

the Apache web server on Kopano server logs the “X-Forwarded-For” headers in the Apache access log. But login errors of the WebApp are logged in error_log by Apache.
Unfortunately Fail2Ban need the login error and the correct IP address in one log file.
Question: How do I get the WebApp login errors into the Apache access log?

I am grateful for any help.

sebschremser

Hi @WalterHof

I am also setting up an fail2ban environment behind an apache reverse proxy.

In my apache.error.log I have all infos fail2ban needs.
example line:

[Wed Sep 16 10:44:08.987810 2020] [:error] [pid 24475] [client 12.34.56.78:40378] Kopano WebApp user: <user>: authentication failure at MAPI, referer: https://kopano.example.com/webapp/?logon

Simply configure fail2ban to look for the error.log and not the access.log. Or am i missing something?

Do you set up fail2ban on the Kopano Server or on the Revproxy?

Kind regards
Basti

A Former User

Hi,

I run fail2ban on the kopano server. My reverse proxy is an Apache2 so I have external IPs in error log on kopano server.

Walter