Replies: 4 comments 3 replies
-
Are you looking for access logs, where you would see a single IP hitting Where you get the logs would depend on your self-hosted environment. For example, if you are using nginx as a reverse proxy, you would configure access logs in nginx. |
Beta Was this translation helpful? Give feedback.
-
Not really. I’m looking for authentication failure logs. Restricting an IP
based on a number of hit could create false positives I believe.
…On Thu, 5 Oct 2023 at 17:42, Pēteris Caune ***@***.***> wrote:
Are you looking for access logs, where you would see a single IP hitting
/accounts/login/ a lot of times?
Where you get the logs would depend on your self-hosted environment. For
example, if you are using nginx as a reverse proxy, you would configure
access logs in nginx.
—
Reply to this email directly, view it on GitHub
<#902 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AQARXXWNGMTWYZUFPR5PEVDX5Z6GZAVCNFSM6AAAAAA5T6CIACVHI2DSMVQWIX3LMV43SRDJONRXK43TNFXW4Q3PNVWWK3TUHM3TCOJWGEYDI>
.
You are receiving this because you authored the thread.Message ID:
***@***.***
com>
|
Beta Was this translation helpful? Give feedback.
-
So you reckon there is no way to prevent a bot from brute forcing or enumerating users ?
…________________________________
From: Pēteris Caune ***@***.***>
Sent: Thursday, October 5, 2023 7:48:59 PM
To: healthchecks/healthchecks ***@***.***>
Cc: R-Nabil ***@***.***>; Author ***@***.***>
Subject: Re: [healthchecks/healthchecks] Logs of HC ? (Discussion #902)
Healthchecks does not emit authentication failure events to logs.
—
Reply to this email directly, view it on GitHub<#902 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AQARXXV5YGZYPJVP2JRWW4LX52NCXAVCNFSM6AAAAAA5T6CIACVHI2DSMVQWIX3LMV43SRDJONRXK43TNFXW4Q3PNVWWK3TUHM3TCOJXGMZTC>.
You are receiving this because you authored the thread.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
Does that rate-limiting emit a log ? I'd like to blacklist IP who would hit the rate-limit |
Beta Was this translation helpful? Give feedback.
-
Hi,
I'm trying to integrate into crowdsec (ids/ips engine) a scenario to detect any Brute Force attempt to login into HC.
But I can't figure out where are the HC logs output in a selfhosted environment.
Can anyone help ?
Thanks
Beta Was this translation helpful? Give feedback.
All reactions