Dec 29, 2023: iRedMail-1.6.8 has been released.

**alex42** · 2017-03-05 00:01:21

alex42
Member
Offline

Registered: 2013-08-26
Posts: 145

Topic: How to secure phpLDAPadmin with Fail2ban?

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.6
- Linux/BSD distribution name and version: Ubuntu 16.06
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====

Hello!

I wanted to ask, if someone can tell me how to secure phpLDAPadmin with Fail2ban. How has the filter to look like?

Thanks in advance!

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

**ZhangHuangbin** · 2017-03-05 11:26:07

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 30,789

Re: How to secure phpLDAPadmin with Fail2ban?

You should check Apache log file to find error related to phpldapadmin, then create your own Fail2ban filter and jail to monitor Apache log file (it's ok to use existing jail which monitoring Apache log file).

**alex42** · 2017-06-07 22:48:52

alex42
Member
Offline

Registered: 2013-08-26
Posts: 145

Re: How to secure phpLDAPadmin with Fail2ban?

In fact there is nothing in the log files if I'm trying to log in with false credentials. Can you maybe tell me how I can activate the logging of login failures?

**ZhangHuangbin** · 2017-06-08 00:34:12

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 30,789

Re: How to secure phpLDAPadmin with Fail2ban?

You have to check phpLDAPadmin settings.

**alex42** · 2017-06-08 23:33:04

alex42
Member
Offline

Registered: 2013-08-26
Posts: 145

Re: How to secure phpLDAPadmin with Fail2ban?

Hallo ZhangHuangbin,

I already thought that i have to edit the config.php of phpLDAPadmin. But in fact I don't understand which debug level I have to choose. I've found this documentation but it doesn't help me:

http://phpldapadmin.sourceforge.net/wik … ebug:level

I hope that you can help me!

Thanks in advance!

**ZhangHuangbin** · 2017-06-10 13:49:15

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 30,789

Re: How to secure phpLDAPadmin with Fail2ban?

Try "error" level first, if no failed login related info, try "debug".

Dec 29, 2023: iRedMail-1.6.8 has been released.

How to secure phpLDAPadmin with Fail2ban?

Posts: 6

1 Topic by alex42 2017-03-05 00:01:21

Topic: How to secure phpLDAPadmin with Fail2ban?

2 Reply by ZhangHuangbin 2017-03-05 11:26:07

Re: How to secure phpLDAPadmin with Fail2ban?

3 Reply by alex42 2017-06-07 22:48:52

Re: How to secure phpLDAPadmin with Fail2ban?

4 Reply by ZhangHuangbin 2017-06-08 00:34:12

Re: How to secure phpLDAPadmin with Fail2ban?

5 Reply by alex42 2017-06-08 23:33:04

Re: How to secure phpLDAPadmin with Fail2ban?

6 Reply by ZhangHuangbin 2017-06-10 13:49:15

Re: How to secure phpLDAPadmin with Fail2ban?

Posts: 6