From 72c7d8214e6a7b4cfc9068554bed33151eb7b7c3 Mon Sep 17 00:00:00 2001 From: Thuban <thuban@yeuxdelibad.net> Date: Mon, 26 Feb 2018 08:47:25 +0000 Subject: [PATCH] last updt --- vilain.conf | 17 +++++++++++++++++ 1 files changed, 17 insertions(+), 0 deletions(-) diff --git a/vilain.conf b/vilain.conf index b3d67e2..907460e 100644 --- a/vilain.conf +++ b/vilain.conf @@ -58,3 +58,20 @@ # don't use if you have wordpress logfile = /var/www/logs/access.log regex = (?:\S+\s){1}(\S+).*wp-login.php.* + +# Nextcloud: login page +# Nextcloud 12 brings protection against brute-force attacks +# but 1/ not yet tested so far 2/ system protection is probably more efficient +[nextcloud] +logfile = /var/www/htdocs/datacloud/nextcloud.log +regex = .*Bruteforce attempt from \\"(.*)\\" detected + +# Nextcloud: public shares protected by password +# regex is compliant with NginX log format: +# /etc/nginx/nginx.conf: +# log_format main '$remote_addr - $remote_user [$time_local] "$request" ' +# '$status $body_bytes_sent "$http_referer" ' +# '"$http_user_agent" "$http_x_forwarded_for"'; +[nextcloud-share] +logfile = /var/www/logs/access-nextcloud.log +regex = (\d+\.\d+\.\d+\.\d+) \-.*POST /s/\w+/authenticate HTTP/1.1\" 200 -- Gitblit v1.9.3