On 7/14/22 08:19, Lists via Mailman-users wrote:
Also, this error doesn’t appear in the MM or Apache logs, it just gets emailed, so I am going to have to figure out how to turn on the appropriate logging in order to get fail2ban to monitor it. Any pointers in this regard would be gratefully received.
We're getting hit with this BS all the time too. This is what happens when we can no longer spank our children.
For fail2ban, here's my jail.local entry:
[django-local] enabled = true port = http,https filter = django-local action = ipfilter logpath = /var/log/mailman3/web/mailman-web.log maxretry = 1 findtime = 21600 bantime = 604800
...and my filters/django-local.conf file:
[Definition] failregex = ^\[pid.*\] <HOST> .*GET /mailman3/accounts/fedora/login ignoreregex =
I don't know if this is optimal, but it works, and it's catching these little idiots left and right, a few dozen per day. My platform is Solaris (SmartOS).
-Dave-- Dave McGuire, AK4HZ New Kensington, PA