Fail2Ban Setup - Kozea/Radicale GitHub Wiki
(i) Radicale >= 3.0.0 logs to stdout which is usually catched by 'systemd/journald'
Example: /etc/fail2ban/filter.d/radicale.conf
[INCLUDES]
before = common.conf
[Definition]
failregex = ^.*Failed\slogin\sattempt\sfrom\s<HOST>:\s.*
[Init]
Example: /etc/fail2ban/jail.d/90-radicale.conf
Adjust port according to configuration
[radicale]
enabled = true
port = 5232
filter = radicale
banaction = %(banaction_allports)s[name=radicale]
backend = systemd
journalmatch = _SYSTEMD_UNIT=radicale.service
maxretry = 2
bantime = -1
ignoreip = 127.0.0.1
findtime = 14400
Example: /etc/fail2ban/filter.d/radicale.conf
[INCLUDES]
before = common.conf
[Definition]
failregex = ^.*Failed\slogin\sattempt\sfrom\s.*\(forwarded for \'<HOST>\'.*\):\s.*
[Init]
Example: /etc/fail2ban/jail.d/90-radicale.conf
Adjust port according to your reverse proxy configuration
[radicale]
enabled = true
port = 80, 443
filter = radicale
banaction = %(banaction_allports)s[name=radicale]
backend = systemd
journalmatch = _SYSTEMD_UNIT=radicale.service
maxretry = 2
bantime = -1
ignoreip = 127.0.0.1
findtime = 14400
To use Fail2Ban with radicale change Logging to INFO
Configs for fail2ban
filter http/https:
[INCLUDES]
before = common.conf
[Definition]
failregex = ^.*\sfor\s\'\/\'\sreceived\sfrom\s\'<HOST>\'.*\n^^.*Failed\slogin\sattempt:\s
ignoreregex =
[Init]
maxlines = 4
filter webdav:
[INCLUDES]
before = common.conf
[Definition]
failregex = ^.*Failed\slogin\sattempt.*\n^.*\n^.*\s\'\/.well\-known.*\sfrom\s\'<HOST>\'
ignoreregex =
[Init]
maxlines = 3
jail:
[radicale]
enabled = true
port = 80,443
filter = radicale
action = iptables-allports[name=radicale]
logpath = /var/log/remotelogs/192.168.50.115/radicale-logins.log
maxretry = 2
bantime = -1
ignoreip = 192.168.50.0/24
findtime = 14400