Skip to content

Instantly share code, notes, and snippets.

View jon-nfc's full-sized avatar

Jon jon-nfc

2 followers · 0 following
View GitHub Profile
@drmalex07
drmalex07 / README-fail2ban-keycloak.md
Last active July 9, 2024 16:22
Use fail2ban to block brute-force attacks to keycloak server. #keycloak #fail2ban #brute-force-attack

Add regular-expression filter under /etc/fail2ban/filter.d/keycloak.conf:

[INCLUDES]

before = common.conf

[Definition]

_threadName = [a-z][-_0-9a-z]*(\s[a-z][-_0-9a-z]*)*
_userId = (null|[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})