Mercurial > prosody-modules
view mod_log_auth/README.markdown @ 4203:c4002aae4ad3
mod_s2s_keepalive: Use timestamp as iq @id
RFC 6120 implies that the id attribute must be unique within a stream.
This should fix problems with remote servers that enforce uniqueness and
don't answer duplicated ids.
If it doesn't do that, then at least you can get a guesstimate at
round-trip time from the difference between the result iq stanza and the
timestamp it was logged without having to go look for when it was sent,
or needing to keep state.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 14 Oct 2020 18:02:10 +0200 |
| parents | a47520a2c59d |
| children |
line wrap: on
line source
--- labels: - 'Stage-Stable' summary: Log failed authentication attempts with their IP address ... Introduction ============ Prosody doesn't write IP addresses to its log file by default for privacy reasons (unless debug logging is enabled). This module enables logging of the IP address in a failed authentication attempt so that those trying to break into accounts for example can be blocked. fail2ban configuration ====================== fail2ban is a utility for monitoring log files and automatically blocking "bad" IP addresses at the firewall level. With this module enabled in Prosody you can use the following example configuration for fail2ban: # /etc/fail2ban/filter.d/prosody-auth.conf # Fail2Ban configuration file for prosody authentication [Definition] failregex = Failed authentication attempt \(not-authorized\) for user .* from IP: <HOST> ignoreregex = And at the appropriate place (usually the bottom) of /etc/fail2ban/jail.conf add these lines: [prosody] enabled = true port = 5222 filter = prosody-auth logpath = /var/log/prosody/prosody*.log maxretry = 6 Compatibility ------------- ------- -------------- trunk Works 0.9 Works 0.8 Doesn't work ------- --------------