[pre]
You are using DaDaBIK version 10.6-Manarola enterprise, installed on 03-07-2021, the latest version of DaDaBIK is 10.6-Manarola released on 01-26-2021
System info
PHP Version: 7.3.27
mysql version: 5.5.5-10.3.27-MariaDB
Web server: Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1g
Client: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36
URL installation: http://IP-of-Server/dadabik/
[/pre]
Im trying to "Secure" my sever more with fail2ban, im trying to find the log file where the failed logins are logged.
/var/log/httpd/access_log shows like this:
[pre]
102.65.8.179 - - [08/Mar/2021:11:12:47 +0000] "POST /login.php?function=check_login HTTP/1.1" 200 40732 "https://dadabik.hbit.co.za/login.php?function=check_login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36"
102.65.8.179 - - [08/Mar/2021:11:12:52 +0000] "POST /login.php?function=check_login HTTP/1.1" 200 40732 "https://dadabik.hbit.co.za/login.php?function=check_login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36"
102.65.8.179 - - [08/Mar/2021:11:12:58 +0000] "POST /login.php?function=check_login HTTP/1.1" 200 40837 "https://dadabik.hbit.co.za/login.php?function=check_login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36"
102.65.8.179 - - [08/Mar/2021:11:13:07 +0000] "POST /login.php?function=check_login HTTP/1.1" 200 40837 "https://dadabik.hbit.co.za/login.php?function=check_login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36"
102.65.8.179 - - [08/Mar/2021:11:13:27 +0000] "-" 408 - "-" "-"
54.221.27.173 - - [08/Mar/2021:11:26:05 +0000] "GET / HTTP/1.1" 301 235 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36"
54.221.27.173 - - [08/Mar/2021:11:26:05 +0000] "GET / HTTP/1.1" 302 - "http://dadabik.hbit.co.za" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36"
54.221.27.173 - - [08/Mar/2021:11:26:05 +0000] "GET /login.php?function=show_login_form HTTP/1.1" 301 269 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36"
54.221.27.173 - - [08/Mar/2021:11:26:06 +0000] "GET /login.php?function=show_login_form HTTP/1.1" 200 40665 "http://dadabik.hbit.co.za/login.php?function=show_login_form" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36"
[/pre]
If this is not the correct method, please advise elsewise.
You are using DaDaBIK version 10.6-Manarola enterprise, installed on 03-07-2021, the latest version of DaDaBIK is 10.6-Manarola released on 01-26-2021
System info
PHP Version: 7.3.27
mysql version: 5.5.5-10.3.27-MariaDB
Web server: Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1g
Client: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36
URL installation: http://IP-of-Server/dadabik/
[/pre]
Im trying to "Secure" my sever more with fail2ban, im trying to find the log file where the failed logins are logged.
/var/log/httpd/access_log shows like this:
[pre]
102.65.8.179 - - [08/Mar/2021:11:12:47 +0000] "POST /login.php?function=check_login HTTP/1.1" 200 40732 "https://dadabik.hbit.co.za/login.php?function=check_login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36"
102.65.8.179 - - [08/Mar/2021:11:12:52 +0000] "POST /login.php?function=check_login HTTP/1.1" 200 40732 "https://dadabik.hbit.co.za/login.php?function=check_login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36"
102.65.8.179 - - [08/Mar/2021:11:12:58 +0000] "POST /login.php?function=check_login HTTP/1.1" 200 40837 "https://dadabik.hbit.co.za/login.php?function=check_login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36"
102.65.8.179 - - [08/Mar/2021:11:13:07 +0000] "POST /login.php?function=check_login HTTP/1.1" 200 40837 "https://dadabik.hbit.co.za/login.php?function=check_login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36"
102.65.8.179 - - [08/Mar/2021:11:13:27 +0000] "-" 408 - "-" "-"
54.221.27.173 - - [08/Mar/2021:11:26:05 +0000] "GET / HTTP/1.1" 301 235 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36"
54.221.27.173 - - [08/Mar/2021:11:26:05 +0000] "GET / HTTP/1.1" 302 - "http://dadabik.hbit.co.za" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36"
54.221.27.173 - - [08/Mar/2021:11:26:05 +0000] "GET /login.php?function=show_login_form HTTP/1.1" 301 269 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36"
54.221.27.173 - - [08/Mar/2021:11:26:06 +0000] "GET /login.php?function=show_login_form HTTP/1.1" 200 40665 "http://dadabik.hbit.co.za/login.php?function=show_login_form" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36"
[/pre]
If this is not the correct method, please advise elsewise.