aboutsummaryrefslogtreecommitdiffhomepage
path: root/app/config/security.yml
diff options
context:
space:
mode:
authorJeremy Benoist <jeremy.benoist@gmail.com>2017-06-08 22:24:49 +0200
committerJeremy Benoist <jeremy.benoist@gmail.com>2017-06-08 22:24:49 +0200
commit63f9f22fa37b14171c6f92d24f99ccf01ae7af00 (patch)
treeddefd381025de91686995c883bb7122dd986898b /app/config/security.yml
parent3f474025d889c3eff20b481f005f4d292f1ef29d (diff)
downloadwallabag-63f9f22fa37b14171c6f92d24f99ccf01ae7af00.tar.gz
wallabag-63f9f22fa37b14171c6f92d24f99ccf01ae7af00.tar.zst
wallabag-63f9f22fa37b14171c6f92d24f99ccf01ae7af00.zip
Log an error level message when user auth fail
When a user login using the form we know log an error level information with information about the user: - username used - IP - User agent For example: > Authentication failure for user "eza", from IP "127.0.0.1", with UA: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36". It’ll allows server admin using fail2ban to configure it to block these people if they generate too much failure authentication.
Diffstat (limited to 'app/config/security.yml')
-rw-r--r--app/config/security.yml1
1 files changed, 1 insertions, 0 deletions
diff --git a/app/config/security.yml b/app/config/security.yml
index ffb1d356..171a69e2 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -41,6 +41,7 @@ security:
41 form_login: 41 form_login:
42 provider: fos_userbundle 42 provider: fos_userbundle
43 csrf_token_generator: security.csrf.token_manager 43 csrf_token_generator: security.csrf.token_manager
44 failure_handler: wallabag_user.security.custom_auth_failure_handler
44 45
45 anonymous: true 46 anonymous: true
46 remember_me: 47 remember_me: