Hi all !
After activation, I tryed to trigger brute-force with multiple wrong logins, but I wasn’t able to ban myself.
Am I doing something wrong ?
How can I test if it’s working ?
We also use fail2ban on a server-cluster size, and we’re interested in fail2ban logging of all brute-force banned IPs.
I’ve found some useful threads about this but they seem abandoned:
Shall I Up them or open a new thread?
ran in some problem with fail2ban reporting to abuseipdb lately
received help at:
If this can help you, i put my fix/working conf files
You can test your regex against the log file and see if you have matches:
fail2ban-regex /path/to/nextcloud.log /etc/fail2ban/filter.d/nextcloud.conf
If you see your failed login attempts as matches there, it should actually work. In that case you should check if your jail is enabled and if your findtime and maxRetry are set appropriatly.
My only ideas so far. However please have a look at the fail2ban log for error messages, that might point you into the right direction (you can post them here as well and we will further assist).
I solved with THIS guide that is the most updated one (2018):
https://www.c-rieger.de/nextcloud-installation-guide-advanced/#c103
With other quoted solutions, I either had blank logfile or not triggering fail2ban.