rhino/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-03-26 11:49:21 -07:00
Code Issues Packages Projects Releases Wiki Activity

Updated Fail2Ban Setup (markdown)

Peronia
2023-06-26 09:21:23 +02:00
parent a649aad184
commit 8c1be68405
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
Fail2Ban-Setup.md

@@ -161,12 +161,12 @@ Docker uses the FORWARD chain instead of the default INPUT chain. If the machine
chain = FORWARD chain = FORWARD
``` ```
**Tip**:If you are using systemd to manage vaultwarden, you can use systemd-journal for fail2ban: **Tip**: If you are using systemd to manage vaultwarden, you can use systemd-journal for fail2ban:
``` ```
backend = systemd backend = systemd
filter = vaultwarden[journalmatch='_SYSTEMD_UNIT=your_vaultwarden.service'] filter = vaultwarden[journalmatch='_SYSTEMD_UNIT=your_vaultwarden.service']
``` ```
Use these instead of `logpath = ` variable. Use these instead of `logpath = ` and `filter = ` variables.
**NOTE FOR CLOUDFLARE USERS** **NOTE FOR CLOUDFLARE USERS**
If you use cloudflare proxy, you'll need to add Cloudflare in your actions list, like in [this guide](https://niksec.com/using-fail2ban-with-cloudflare/) If you use cloudflare proxy, you'll need to add Cloudflare in your actions list, like in [this guide](https://niksec.com/using-fail2ban-with-cloudflare/)
@@ -221,6 +221,14 @@ Note: Docker uses the FORWARD chain instead of the default INPUT chain. Therefor
```INI ```INI
action = iptables-allports[name=vaultwarden-admin, chain=FORWARD] action = iptables-allports[name=vaultwarden-admin, chain=FORWARD]
``` ```
**Tip**: If you are using systemd to manage vaultwarden, you can use systemd-journal for fail2ban here as well:
```
backend = systemd
filter = vaultwarden-admin[journalmatch='_SYSTEMD_UNIT=your_vaultwarden.service']
```
Use these instead of `logpath = ` and `filter = ` variables.
**NOTE FOR CLOUDFLARE USERS** **NOTE FOR CLOUDFLARE USERS**
If you use cloudflare proxy, you'll need to add Cloudflare in your actions list, like in [this guide](https://niksec.com/using-fail2ban-with-cloudflare/) If you use cloudflare proxy, you'll need to add Cloudflare in your actions list, like in [this guide](https://niksec.com/using-fail2ban-with-cloudflare/)