ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

detecting Nginx auth_basic login failures

https://mail.forum.configserver.com/viewtopic.php?t=6740

Page 1 of 1

detecting Nginx auth_basic login failures

Posted: 07 Jul 2013, 16:30
by aww+
I see the newest CSF is starting to add regex rules for nginx (modsec for now)

So how about maybe adding rules for auth_basic failures ?

I see two kinds in the log

Code: Select all

2013/04/04 15:02:03 [error] 7882#0: *161 user "sdfsdf" was not found in "/blah/.htpasswds/public_html/blah/passwd", client: .........
and

Code: Select all

2013/04/04 15:23:42 [error] 7882#0: *163 user "superuser": password mismatch, client: ...............
I guess I can try to work out the regex if I don't find it on google first but would be neat if lfd came with them built in.

Re: detecting Nginx auth_basic login failures

Posted: 01 Aug 2013, 15:49
by ForumAdmin
This has been added to csf v6.27:
http://blog.configserver.com/?p=1889

Re: detecting Nginx auth_basic login failures

Posted: 21 Feb 2014, 14:05
by betweenbrain
My apologies for bringing up an older thread, but was wondering if someone may be able to guide me on how to implement this. I have tried a few ways and am not having much success.

Thanks for any help that you can provide.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited