free

Pricing for this item
Logo - Keleo

Keleo

Software development company founded by Kevin Papst

A fail2ban compatible plugin, logging failed authentication requests
Last update: 26 Jul 2019

A Kimai 2 plugin, which logs an error message for every failed login attempt to a dedicated logfile.

This logfile can be analyzed by fail2ban to block access and prevent authentication attacks.

Installation

First clone it to your Kimai installation plugins directory:

cd /kimai/var/plugins/
git clone https://github.com/Keleo/Fail2BanBundle.git

And then rebuild the cache:

cd /kimai/
bin/console cache:clear
bin/console cache:warmup

You could also download it as zip and upload the directory via FTP:

/kimai/var/plugins/
├── Fail2BanBundle
│   ├── Fail2BanBundle.php
|   └ ... more files and directories follow here ... 

Fail2Ban configurations

You should know how to use and configure fail2ban, we cannot help with that part! Having said that, here are some possible rules for your fail2ban configuration.

First the Kimai specific filter:

#/etc/fail2ban/filter.d/kimai2.conf
[Definition]
failregex = fail2ban.ERROR: <HOST> \[.*\] \[.*\]$

And the additional jail.local for Kimai2:

#/etc/fail2ban/jail.local
[kimai2]
enabled   = true
filter    = kimai2
logpath   = /var/www/kimai2/var/log/fail2ban.log
port      = http,https
bantime   = 600
banaction = iptables-multiport
maxretry  = 3

Credits

All items by Keleo

Audit-Trail plugin
New

Records detailed change/audit logs for timesheets, customers, projects and activities and displays them in a per-item timeline.
plugin
29€

Custom-fields plugin
New

Create free configurable additional (optional and mandatory) fields for timesheets, customers, projects and activities in various formats.
plugin
49€
Custom CSS plugin
plugin
free
Fail2Ban plugin
plugin
free
Installation & Update support
support
upon request
Recalculate rates plugin
plugin
free