Hi,
I had the same need as @Neurogami and just did what @andrewatfornax suggested.
Here is a pull request for Revive to support fail2ban:
https://github.com/revive-adserver/revive-adserver/pull/1389
Here is my comment on that PR:
In constants.php , set $GLOBALS['badLoginLogFilePath'] to the path of the log file fail2ban can use to ban an IP trying to brute force your site. For example /var/log/reviveBadLogin.log .
Run the following commands to make the file writable:
$ touch /var/log/reviveBadLogin.log
$ chown www-data:www-data /var/log/reviveBadLogin.log
Add the following in the /etc/fail2ban/filter.d/revive.conf file:
[Definition]
failregex = ^.*: $
datepattern = {^LN-BEG}Epoch
Add the following in the /etc/fail2ban/filter.d/revive.conf file:
[revive]
enabled = true
port = 80,443
protocol = tcp
filter = revive
maxretry = 3
bantime = 86400
findtime = 43200
logpath = /var/log/reviveBadLogin.log
Restart fail2ban with the following command:
$ systemctl restart fail2ban
I was able to test this with a VPN. I entered 3 times bad credentials and by IP got banned.
It is likely that call to badLogin.php would be desirable from other places susceptible to be used for brute forcing.
I hope this can be merged without too much difficulties.
Please let me know if there is anything else I can do for this PR.