Thanks Blake, I wasn't aware of the built-in rate limiting. I'll look at the commits for that feature and for those log entries.
Josh

On Tue, Apr 9, 2024 at 1:45 PM Blake Graham-Henderson via Evergreen-dev <[email protected]> wrote:

> Josh,
>
> Are you aware of the Evergreen feature hidden inside the open-ils.auth
> settings:
>
> ...
> <app_settings>
>     <!-- defined app-specific settings here -->
>     <auth_limits>
>         <seed>30</seed> <!-- amount of time a seed request is valid for -->
>         <block_time>90</block_time> <!-- amount of time since last auth or seed request to save failure counts -->
>         <block_count>10</block_count> <!-- number of failures before blocking access -->
>     </auth_limits>
> </app_settings>
> ...
>
> Using memcached, the system keeps track of the number of failures in a
> period of time. And will automatically block subsequent login attempts for
> a configurable amount of time.
>
> -Blake-
> Conducting Magic
> Will consume any data format
> MOBIUS
>
>
> On 4/9/2024 1:31 PM, Josh Stompro via Evergreen-dev wrote:
>
> Hello, I'm curious about getting a log of all successful and
> unsuccessful logins to our Evergreen system. Along with extra info like IP
> address and user agent when the request comes in through a web form.
>
> I would like a simple way to make use of tools like fail2ban to protect
> against brute force login attacks and to have a good log for staff account
> logins that could be kept longer than our full logs might be kept.
>
> Does anyone have something like that set up already?
>
> The actor.usr_activity data doesn't track unsuccessful logins or info like
> IP addresses. And I think it only tracks the last successful login.
>
> I can see some oils_auth.c logs that show a success/failure took place
>
> open-ils.auth 2024-04-09 13:14:26 [INFO:1950887:oils_auth.c:847:17126388021950749339] failed login: username=user, barcode=(none), workstation=
>
> open-ils.auth 2024-04-09 13:11:33 [ACT:1950868:oils_auth.c:641:17126388021949775649] successful login: username=user, authtoken=12345
>
> But no IP address info is available at that point I'm assuming. Maybe I
> need to look at generating the log closer to the web server.
>
> Thanks
> Josh
>
> *Josh Stompro*
> IT Director
> [email protected] | 218-233-3757 ext. 139 | 218-790-2110
> *Lake Agassiz Regional Library*
> 118 5th ST S
> Moorhead MN 56560
> www.larl.org
> *Our mission is to enrich lives and strengthen communities.*

_______________________________________________
Evergreen-dev mailing list
[email protected]
http://list.evergreen-ils.org/cgi-bin/mailman/listinfo/evergreen-dev
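
Added example (not part of the thread and not Evergreen code): Python that parses the two oils_auth.c line shapes quoted above and flags accounts with repeated failed logins inside a time window. The defaults borrow the block_count and block_time values from the quoted config; reading block_time as seconds, the function names and the sample lines are assumptions made for this example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Line shape as quoted in the thread. The authtoken field on success lines is
# deliberately not captured, so it never reaches a longer-retention log.
LINE_RE = re.compile(
    r"open-ils\.auth (?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"\[[A-Z]+:\d+:oils_auth\.c:\d+:\d+\] "
    r"(?P<result>failed|successful) login: username=(?P<user>[^,]*),"
)

def parse_line(line):
    """Return (timestamp, username, succeeded), or None for unrelated lines."""
    m = LINE_RE.search(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
    return ts, m["user"], m["result"] == "successful"

def flag_bursts(lines, max_failures=10, window_seconds=90):
    """Return (username, timestamp) for every failed login that brings an
    account to max_failures or more failures within window_seconds.
    These lines carry no IP address, so the key is the username."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # username -> timestamps of recent failures
    alerts = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None or parsed[2]:
            continue              # unrelated line or successful login
        ts, user, _ = parsed
        q = recent[user]
        q.append(ts)
        while ts - q[0] > window: # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures:
            alerts.append((user, ts))
    return alerts

# Constructed sample: ten failures two seconds apart, then one success.
SAMPLE = [
    f"open-ils.auth 2024-04-09 13:14:{s:02d} "
    "[INFO:1950887:oils_auth.c:847:17126388021950749339] "
    "failed login: username=user, barcode=(none), workstation="
    for s in range(0, 20, 2)
] + [
    "open-ils.auth 2024-04-09 13:15:00 "
    "[ACT:1950868:oils_auth.c:641:17126388021949775649] "
    "successful login: username=user, authtoken=12345"
]
```

Calling flag_bursts(SAMPLE) reports the tenth failure for "user". Tying an alert to a client address, as fail2ban needs, still requires a log written closer to the web server, as noted in the thread.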
