- Joined
- Mar 6, 2018
- Messages
- 10
- Reaction score
- 1
Hi,
Would be nice if 3CX could generate a plain text log file containing failed login attempts information.
For all login types : HTTP logins to the 3CX manager, SIP REGISTER requests etc...
For example :
2018-01-12 17:32:45 Failed HTTP login attempt from 34.56.93.143
2018-01-12 17:32:45 Failed HTTP login attempt from 34.56.93.143
2018-01-12 17:32:46 Failed HTTP login attempt from 34.56.93.143
2018-01-12 17:32:47 Failed HTTP login attempt from 34.56.93.143
2018-01-15 02:41:12 Attack detected from 45.87.178.23
2018-01-15 02:41:13 Attack detected from 45.87.178.23
2018-01-17 07:12:34 Failed SIP register attempt from 74.32.59.197
2018-01-17 07:12:39 Failed SIP register attempt from 74.32.59.197
2018-01-17 07:12:43 Failed SIP register attempt from 74.32.59.197
On Linux, we would then be able to use Fail2ban to ban bad IPs, at firewall level.
Fail2ban would simply be fed with this log file and would automatically ban, based on its configured rules (bantime, findtime, maxretry etc...).
That would really be perfect.
3CX dev team, thank you very much for your support !
Edit : related post : Anti-hacking Module / Blacklist Notifications / LOGS
Of course feel free to vote (using the stars at the top of this topic) if interested !
Would be nice if 3CX could generate a plain text log file containing failed login attempts information.
For all login types : HTTP logins to the 3CX manager, SIP REGISTER requests etc...
For example :
2018-01-12 17:32:45 Failed HTTP login attempt from 34.56.93.143
2018-01-12 17:32:45 Failed HTTP login attempt from 34.56.93.143
2018-01-12 17:32:46 Failed HTTP login attempt from 34.56.93.143
2018-01-12 17:32:47 Failed HTTP login attempt from 34.56.93.143
2018-01-15 02:41:12 Attack detected from 45.87.178.23
2018-01-15 02:41:13 Attack detected from 45.87.178.23
2018-01-17 07:12:34 Failed SIP register attempt from 74.32.59.197
2018-01-17 07:12:39 Failed SIP register attempt from 74.32.59.197
2018-01-17 07:12:43 Failed SIP register attempt from 74.32.59.197
On Linux, we would then be able to use Fail2ban to ban bad IPs, at firewall level.
Fail2ban would simply be fed with this log file and would automatically ban, based on its configured rules (bantime, findtime, maxretry etc...).
That would really be perfect.
3CX dev team, thank you very much for your support !
Edit : related post : Anti-hacking Module / Blacklist Notifications / LOGS
Of course feel free to vote (using the stars at the top of this topic) if interested !
Last edited:
Upvote
10