Fail2Ban on Lighttpd

Fabio · 18 December 2020 13:59

Hello Everyone!
I’m looking for help to configure Fail2Ban on my dietpi-owncloud server.
I’ve installed ownCloud directly from dietpi, and everything is working well.
I would like to improve security with the help of fail2ban.
I’ve googled a lot, made some tries, but i’m still not able to “ban myself”.
I’ve installed Fail2ban directly from dietpi.
I’m colpletely a noob, so please, be patient…
I’ve readed a lot of tutorial, copy jail.conf to jail.local, same thing the config file and so on…
But with no results, so i’ve unistalled everything and made a brand new installation.

I’m a noob so please be patient! Ask me everything if you need further infos!
Thx!

Joulinar · 18 December 2020 15:56

Hi,

many thanks for your message. First, you would need to configure ownCloud to log failed login attempts.

For fail2ban, you would need to specify following 2 files

nano /etc/fail2ban/filter.d/owncloud.conf

[Definition]
failregex={.*Login failed: \'.*\' \(Remote IP: \'<HOST>\'\)"}
ignoreregex =

and

nano /etc/fail2ban/jail.d/owncloud.conf

[owncloud]
enabled = true
port = 80,443
protocol = tcp
backend = auto
filter = owncloud
maxretry = 3
bantime = 10800
logpath = /mnt/dietpi_userdata/owncloud_data/owncloud.log

once done restart fail2ban

systemctl restart fail2ban.service

Now you should see something like this

root@DietPi3:~# fail2ban-client status owncloud
Status for the jail: owncloud
|- Filter
|  |- Currently failed: 1
|  |- Total failed:     1
|  `- File list:        /mnt/dietpi_userdata/owncloud_data/owncloud.log
`- Actions
   |- Currently banned: 0
   |- Total banned:     0
   `- Banned IP list:
root@DietPi3:~#

Fabio · 18 December 2020 16:20

Thank you Joulinar ,
i’ve done all the steps, unfortunately if i run:

systemctl restart fail2ban.service

This is what i’m getting also if i’ve done multiple wront attempt to access from the browser:

root@DietPi:~# fail2ban-client status owncloud
Status for the jail: owncloud
|- Filter
|  |- Currently failed: 0
|  |- Total failed:     0
|  `- File list:        /var/www/owncloud/data/owncloud.log
`- Actions
   |- Currently banned: 0
   |- Total banned:     0
   `- Banned IP list:

I’ve checked the /mnt/dietpi_userdata/owncloud_data/owncloud.log and it have all the log stored…
Seems like it’s not getting infos from the file…
Do you have any suggestion?

Joulinar · 18 December 2020 16:27

You specified the wrong log file in your configuration

 File list:        /var/www/owncloud/data/owncloud.log

Before adapting my config, you would need to clean the settings you have done before.

Fabio · 18 December 2020 16:39

Done!
Finally i’m locked out!
Thanks a lot!