Fail2Ban behind reverse proxy

mattspc · Post by **mattspc** » Tue Apr 04, 2017 2:39 pm

I'm hardening my zm install and have fail2ban looking at the apache error log, I can't figure out exactly where the client IP is being passed in from and I'd like to change that to the x-referrer, external IP if possible.

I can't figure out where this error is generated from to attempt to modify. Any suggestions?

Code: Select all

[Tue Apr 04 10:27:29.214120 2017] [:error] [pid 27516] [client 10.0.1.101:34574] WAR [Login denied for user "test"], referer: https://zmuser.domain/zm/index.php

mattspc · Post by **mattspc** » Tue Apr 04, 2017 2:56 pm

Looks like I have this solved- in my apache2.conf had to add

Code: Select all

ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %{X-Forwarded-For}i] %M"

ZoneMinder Forums

Fail2Ban behind reverse proxy

Fail2Ban behind reverse proxy

Re: Fail2Ban behind reverse proxy