Log Invalid Login Attempts for Fail2ban and upstream server action

Falco · December 20, 2021, 4:58pm

Twitter uses 400 for wrong password, but Facebook, LinkedIn, Google and Amazon returns a 200. IMO a 200 sounds wrong, but it appears to be the “normal” thing?

Maybe you can start with a plugin that hooks into this method here

github.com

discourse/discourse/blob/b6c3e9aa037f8ceed04dec25ad9cbc08470c3177/app/controllers/session_controller.rb#L570

    
      
          
          
  if ScreenedIpAddress.block_admin_login?(user, request.remote_ip)
              admin_not_allowed_from_ip_address(user)
            end
          end
          
          
def login_not_approved_for?(user)
            SiteSetting.must_approve_users? && !user.approved? && !user.admin?
          end
          
          
def invalid_credentials
            render json: { error: I18n.t("login.incorrect_username_email_or_password") }
          end
          
          
def login_not_approved
            { error: I18n.t("login.not_approved") }
          end
          
          
def not_activated(user)
            session[ACTIVATE_USER_KEY] = user.id
            render json: {

And does what you need?

Topic		Replies	Views
Discourse in Docker + NGINX reverse proxy + SSL everywhere + OAuth2 Custom Installation	18	6240	June 8, 2024
Fresh install returning 502 Bad Gateway Installation unsupported-install	28	535	April 11, 2024
Various errors from docker logs and https issue Installation	4	884	May 13, 2019
[HELP] Cannot login, error shows "BAD CSRF" Support	31	3919	July 3, 2024
Best free option to protect discourse from many requests Installation	30	2054	October 7, 2023

Log Invalid Login Attempts for Fail2ban and upstream server action

Related Topics