/rc-plugin-fail2ban

A Fail2Ban RoundCube plugin

Primary LanguagePHPGNU General Public License v3.0GPL-3.0

RoundCube Fail2Ban Plugin

RoundCube Fail2Ban Plugin is a small plugin that will display a failed login attempts in your syslog or userlogins log file. Using this information Fail2Ban will be able to block a user for a set amount of time. The best part, the block is happening at the IP level and blocks the IP address, not the user they are trying to log in as.

If you would like to help translate this plugin, or you see a problem with the current translation, please contact me.

This plugin dose not install or run Fail2Ban, but only provides the program with the needed log entries. Fail2Ban has to be installed and configured independent of this plugin so that it watches Roundcube's logs for failed logins.

Download

The Current Version is 1.3 released on Sept, 28th 2015.

  • RoundCube Fil2Ban Plugin - Version 1.3 - tgz | zip | git
  • RoundCube Fil2Ban Plugin - Version 1.2 - tgz | zip | git
  • RoundCube Fil2Ban Plugin - Version 1.1 - tgz | zip | git
  • RoundCube Fil2Ban Plugin - Version 1.0 - tgz | zip | git

You can also clone the project with Git by running:

$ git clone git://github.com/mattrude/rc-plugin-fail2ban.git fail2ban

If your using git, make sure to hit the rc-Plugin-Fail2Ban's github page.

Dependencies

RoundCube 3.0+

Installing

  1. Place this plugin folder into the RoundCube plugins directory (roundcube/plugins/)
  2. Add fail2ban to $rcmail_config['plugins'] in your RoundCube config

Note: When downloading this plugin from http://github.com/mattrude/rc-plugin-fail2ban you will need to create a directory called fail2ban and place fail2ban.php in there, ignoring the root directory in the downloaded archive. You may also run 'git clone git://github.com/mattrude/rc-plugin-fail2ban.git fail2ban' from the plugins directory.

Setting Up

fail2ban/jail.conf:

[roundcube]
enabled  = true
port     = http,https
filter   = roundcube
action   = iptables-multiport[name=roundcube, port="http,https"]
logpath  = /var/www/html/roundcube/logs/userlogins

Or oldschool used a configuration simmiler to:

[roundcube]
# 0.3 and up plugin-support
 
enabled  = true
port     = http,https
filter   = roundcube
action   = iptables-multiport[name=roundcube, port="http,https"]
sendmail-whois[name=RC-Webmail, dest=you@example.com, sender=fail2ban]
logpath  = /srv/www/htdocs/webmail/logs/userlogins

fail2ban/filter.d/roundcube.conf:

[Definition]
failregex = FAILED login for .*. from <HOST>
ignoreregex =

License

This plugin is licensed under the GPLv3. A copy of the license also comes with every copy download.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.

Authors

Matt Rude (m@mattrude.com)