/gitlab.cfg
Created Oct 24, 2016
Fail2ban filter for gitlab. Tested with gitlab version 8.13 and fail2ban version 0.9.4
| # cat /etc/fail2ban/filter.d/gitlab.conf | |
| # fail2ban filter configuration for gitlab | |
| # Author: Pawel Chmielinski | |
| [Init] | |
| maxlines = 6 | |
| [Definition] | |
| # The relevant log file is in /var/log/gitlab/gitlab-rails/production.log | |
| # Note that a single failure can appear in the logs up to 3 times with just one login attempt. Adjust your maxfails accordingly. | |
| ## Example fail - clone repo via https | |
| #Started GET "/" for 10.0.0.91 at 2016-10-25 00:01:24 +0200 | |
| #Processing by RootController#index as HTML | |
| #Completed 401 Unauthorized in 69ms (ActiveRecord: 23.7ms) | |
| ## Example fail - login via GUI | |
| #Started GET "//chmielu/test.git/info/refs?service=git-upload-pack" for 10.0.0.91 at 2016-10-25 00:01:09 +0200 | |
| #Processing by Projects::GitHttpController#info_refs as */* | |
| # Parameters: {"service"=>"git-upload-pack", "namespace_id"=>"chmielu", "project_id"=>"test.git"} | |
| #Filter chain halted as :authenticate_user rendered or redirected | |
| #Completed 401 Unauthorized in 50ms (Views: 0.8ms | ActiveRecord: 8.1ms) | |
| failregex = ^Started .* for <HOST> at .*<SKIPLINES>Completed 401 Unauthorized | |
| ignoreregex = | |
This comment has been minimized.
This comment has been minimized.
jaytagdamian
commented
Jul 9, 2018
•
|
File: /etc/fail2ban/jail.local [gitlab] |
This comment has been minimized.
This comment has been minimized.
NaWer
commented
May 16, 2019
•
|
For gitlab 11, there is a repository : https://gitlab.com/MiGoller/gitlab-fail2ban-filter |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
centerboy88 commentedNov 28, 2017
great solution.... thanks