Topic: Fail2ban jail for iredmail admin page
It occurred to me that the 0.9.8 distribution doesn't include a fail2ban jail for hacking attempts at the iredmail admin/management page. If anyone wants to add this you can set up a jail to monitor /var/log/uwsgi/app/iredadmin.log (Debian version) and use the filter:
failregex = ^.+ \[.*\] <HOST> \(.*\) \{.*\} \[.*\] GET \/iredadmin\/login\?msg=INVALID_CREDENTIALS.*$
This will ban after x bad password attempts at the web admin page. This might be good to add to the next release (unless it is already in there? I didn't see it.)
Thanks for a great product!
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.