Bug #2191

not log ip when user isnt in htpasswd file

Added by eryretqwewrqr almost 4 years ago. Updated almost 4 years ago.

Status:FixedStart date:2010-04-24
Priority:NormalDue date:
Assignee:glen% Done:

100%

Category:mod_auth
Target version:1.4.27
Missing in 1.5.x:No

Description

When user inst in htpasswd then i see in log these, but should be logged with ip to track who is hammer me. Its good to use with fail2ban

(1.4.19)                       WRONG : 2010-04-24 10:46:57: (http_auth.c.865) get_password failed
(1.4.20-moded src, link below) GOOD  : 2008-12-20 10:55:29: (http_auth.c.876) get_password failed , IP: nnn.nnn.nnn.nnn

Situation is described in http://www.linuxforen.de/forums/showthread.php?t=249781

Maybe, you can check other cases, if they log ip. Thanks

Associated revisions

Revision 2727
Added by glen almost 4 years ago

- Include IP addresses on error log on password failures (fixes #2191)

Revision 2728
Added by glen almost 4 years ago

- Include IP addresses on error log on password failures (fixes #2191)

History

#1 Updated by glen almost 4 years ago

  • Status changed from New to Fixed
  • % Done changed from 0 to 100

Applied in changeset r2727.

#2 Updated by glen almost 4 years ago

  • Target version set to 1.4.27

#3 Updated by glen almost 4 years ago

  • Assignee set to glen

Also available in: Atom