[TYPO3-dev] Login logging into [SYS][systemLog] possible?
Felix Griesser
feelx at shinternet.ch
Tue Feb 17 17:21:12 CET 2009
Dear Dev's, dear list
Is there a way to realize USER login to the backend into the
/[SYS][systemLog]/?
I'd suggest it is a good idea not only to offer a ability to [warn] if
login failed 4 times by email by *[warning_email_addr] *and
*[warning_mode] *but also log ALL logins (and of course failed logins)
to the system log configured by the directive as mentioned above.
We all know the security discussion and I know exploit recently has
been cured by the newest releases of core of T3 has nothing to do with
this. But brute-force methods are always a problem with every
information system protected by passwords. Of couse we can protect it
twice by .htaccess and required user/pw but nevertheless I think every
login attempt should be logged into /[SYS][systemLog].
/If I use <ADMIN TOOLS> => LOG I see every successfull login there but
never if a login failed except a warning after 4 login attempts by Email
(not log file). Even the apache2 logfile gives me no hint if a login
failed. It says:
> 87.2xx.xxx.xx - - [17/Feb/2009:17:14:32 +0100] "POST /typo3/index.php
> HTTP/1.1" 200 2243 "http://www.yourdomain.com/typo3/index.php"
> "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.6)
> Gecko/2009011913 Firefox/3.0.6"
What I wanted to do is to add a jail-rule to fail2ban on my server
(http://fail2ban.org) which would ban user (or the IP) by iptables for a
certain amount of time after several (3-5) failed login attempts. But
therefor I need a logfile which fail2ban can trace by regular
expressions to determine failed logins.
Is there a possibility to track / log logins to a file? And if not,
wouldn't it make sense to have it logged to i.E. /[SYS][systemLog] or
apache(webserver) access.log /
best wishes and greetings
Felix
More information about the TYPO3-dev
mailing list