Where can I find log entry for failed webgui login attempt?

pbuonomo · November 6, 2015, 4:11am

Hello,

Since I have my urbackup server open to the web, I would like to setup a fail2ban jail that bans an IP if there are a certain number of failed login attempts.

Fail2ban looks through log files like /var/log/auth.log, /var/log/messages, etc. to find these failed login attempts.

My question is: if a user attempts to login on the web interface and fails, is that captured in any log file? I’m under the impression that /var/log/urbackup.log and /var/log/urbackup-client.log are only used for backup related purposes.

Thanks in advance for any help.

uroni · November 11, 2015, 6:51pm

Currently only successful logins are logged to the database.

I added logging to auth-syslog. Will be in the next version:

charly_md · March 30, 2021, 8:30pm

since adding this feature, I have been able to create a custom filter for fail2ban and block malicious IPs.

thanks a lot Uroni

kimboslice · November 19, 2022, 8:11am

Hate to necro, but was this never added to the windows server package? Failed or successful logins arent logged to eventlog or a file

Any web app that is intended to be published really ought to have authentication logging, this is basic security 101