[Can Revive used with fail2ban?]

Hi,

 

I had the same need as @Neurogami and just did what @andrewatfornax suggested.

 

Here is a pull request for Revive to support fail2ban:

https://github.com/revive-adserver/revive-adserver/pull/1389

 

Here is my comment on that PR:

 

In constants.php , set $GLOBALS['badLoginLogFilePath'] to the path of the log file fail2ban can use to ban an IP trying to brute force your site. For example /var/log/reviveBadLogin.log .
Run the following commands to make the file writable:
$ touch /var/log/reviveBadLogin.log
$ chown www-data:www-data /var/log/reviveBadLogin.log

Add the following in the /etc/fail2ban/filter.d/revive.conf file:
[Definition]
failregex = ^.*: $
datepattern = {^LN-BEG}Epoch

Add the following in the /etc/fail2ban/filter.d/revive.conf file:
[revive]
enabled = true
port = 80,443
protocol = tcp
filter = revive
maxretry = 3
bantime = 86400
findtime = 43200
logpath = /var/log/reviveBadLogin.log

Restart fail2ban with the following command:
$ systemctl restart fail2ban

I was able to test this with a VPN. I entered 3 times bad credentials and by IP got banned.

It is likely that call to badLogin.php would be desirable from other places susceptible to be used for brute forcing.

 

I hope this can be merged without too much difficulties.

Please let me know if there is anything else I can do for this PR.