[TYPO3-core] RFC: 6945 Log login failures with t3lib_div::syslog()
Steffen Kamper
steffen at sk-typo3.de
Thu Dec 13 11:31:22 CET 2007
"Andreas Otto" <andreas.otto at dkd.de> schrieb im Newsbeitrag
news:mailman.1.1197539638.3417.typo3-team-core at lists.netfielders.de...
> This is an SVN patch request.
>
> Type: New feature
>
> Bugtracker references:
> http://bugs.typo3.org/view.php?id=6945
>
> Branches:
> trunk
>
> Problem:
> I would like to log login failures, like wrong username, wrong password
> or wrong domain using t3lib_div::syslog().
>
> This means the failures could be logged to an external logfile or the
> server's syslog. Using this together with external software like
> fail2ban or the like helps to keep access to your TYPO3 installation
> tight.
>
> Solution:
> Use t3lib_div::syslog() in typo3/sysext/sv/class.tx_sv_auth.php to log
> login failures.
>
> Notes:
> Log entries will look like:
> 13-12-07 08:46 - Core: Login-attempt from 127.0.0.1 (), username
> 'dkd-otto', password not accepted!
> 13-12-07 08:51 - Core: Login-attempt from 127.0.0.1 (), username
> 'dgjkjfdskl' not found!
>
>
> Fail2ban: www.fail2ban.org
> Fail2ban scans log files like /var/log/pwdfail or
> /var/log/apache/error_log and bans IP that makes too many password
> failures. It updates firewall rules to reject the IP address.
>
> Cheers,
> Andreas
>
+1 on reading. What i miss too is logging of log out.
I did this for a client who wants to know which user log in, log out, log
fails etc and did it by hooking the devlog.
vg Steffen
More information about the TYPO3-team-core
mailing list