Skip to content

Instantly share code, notes, and snippets.

@pawilon pawilon/gitlab.cfg
Created Oct 24, 2016

What would you like to do?
Fail2ban filter for gitlab. Tested with gitlab version 8.13 and fail2ban version 0.9.4
# cat /etc/fail2ban/filter.d/gitlab.conf
# fail2ban filter configuration for gitlab
# Author: Pawel Chmielinski
maxlines = 6
# The relevant log file is in /var/log/gitlab/gitlab-rails/production.log
# Note that a single failure can appear in the logs up to 3 times with just one login attempt. Adjust your maxfails accordingly.
## Example fail - clone repo via https
#Started GET "/" for at 2016-10-25 00:01:24 +0200
#Processing by RootController#index as HTML
#Completed 401 Unauthorized in 69ms (ActiveRecord: 23.7ms)
## Example fail - login via GUI
#Started GET "//chmielu/test.git/info/refs?service=git-upload-pack" for at 2016-10-25 00:01:09 +0200
#Processing by Projects::GitHttpController#info_refs as */*
# Parameters: {"service"=>"git-upload-pack", "namespace_id"=>"chmielu", "project_id"=>"test.git"}
#Filter chain halted as :authenticate_user rendered or redirected
#Completed 401 Unauthorized in 50ms (Views: 0.8ms | ActiveRecord: 8.1ms)
failregex = ^Started .* for <HOST> at .*<SKIPLINES>Completed 401 Unauthorized
ignoreregex =

This comment has been minimized.

Copy link

commented Nov 28, 2017

great solution.... thanks


This comment has been minimized.

Copy link

commented Jul 9, 2018

File: /etc/fail2ban/jail.local

enabled = true
port = http,https
filter = gitlab
logpath = /var/log/gitlab/gitlab-rails/production.log

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.