
Fail2ban configuration

Posted: Wed Oct 10, 2018 8:15 am
by Thomsus
Hi, in order to secure the Xeoma web site, beyond the passwords required, I would like to configure fail2ban (for Linux hosts). This will stop dictionary attacks etc. So, does anybody know how to configure fail2ban for this?

Re: Fail2ban configuration

Posted: Wed Oct 10, 2018 9:48 am
by Admin_P
Hello! I believe Fail2Ban works in combination with Apache, which can be used with Xeoma's Web Server too (here is an article on that). So, by employing Apache, you should be able to use Fail2Ban as well.

Re: Fail2ban configuration

Posted: Mon Nov 12, 2018 7:54 pm
by skylord123
Configuring fail2ban is pretty trivial.

I had a forum post a while ago asking a similar question but more along the lines of where the log file was and what format it uses. If you find that post you can see how log messages are stored so you can build the filter.

I just haven't bothered yet because all my passwords are 32+ characters.

Re: Fail2ban configuration

Posted: Wed Nov 28, 2018 7:19 am
by Thomsus
I have set up a reverse proxy for pre-authentication of HTTP requests to Xeoma. I used Apache for a similar task a year ago, but NGINX this time. They are quite similar in reverse proxy matters.

It works partially; I get prompted for authentication on the reverse proxy. Once authenticated I successfully see the Xeoma web site where I enter username and password. Then things stop :-(
I see Xeoma puts the username and password in the URL, making an HTTP redirection somehow, and then it gets back to the login web site. So, I once again get prompted for username and password. I can repeat this over and over. So, it seems like the Xeoma URL redirection is incompatible with a reverse proxy.

Felenasoft: If you contact me by mail, I can set up a user account for you, for quick testing, if you like.

Re: Fail2ban configuration

Posted: Fri Dec 07, 2018 10:23 am
by Admin_P
Hello, Thomsus! There is a known issue with some of the pages of the Web Server not being displayed when a proxy is utilized. We are working on fixing that.