Skip to main content
Recent Posts
1
General ElkArte discussions / Re: How to integrate ElkArte and fail2ban?
Last post by Spuds -
There is a good overall blocker that you can set up for either Apache or Nginx available here. https://github.com/mitchellkrogza its really good if you have a general problem with you sites getting hammered.

If you just want to trigger fail2ban based off the Elkarte login page getting hit, then (untested) you would do

1) find where you server is saves its access log, example /var/log/nginx/access.log
2) in that log you should see the submit page for the login /index.php?action=login2 if its getting hit you will see that with the same ip address over and over
3) create a f2b filter /etc/fail2ban/filter.d/elkarte-login-abuse.conf with the following
Code: [Select]
[Definition]
failregex = <HOST> -.*"(GET|POST) /index.php\?action=login2.* HTTP/.*"
ignoreregex =
4) add the above to your fail2ban jail jail.local
Code: [Select]
[elkarte-login-abuse]
enabled = true
port = http,https
filter = elkarte-login-abuse
logpath = /var/log/nginx/access.log
maxretry = 4
findtime = 300
bantime = 86400
action = iptables[name=elkarte-login-abuse, port=http, protocol=tcp]
maxretry: 4 requests in
findtime: 300 seconds (5 minutes) triggers the ban.
bantime: 86400 seconds (24 hours). ban time

adjust to your liking
5) restart fail2ban sudo systemctl restart fail2ban
2
General ElkArte discussions / How to integrate ElkArte and fail2ban?
Last post by hannaconner -
Hi, are there anyone that tried to integrate ElkArte and fail2ban? I want to prevent someone bruteforcing the login page. While the forum will ban multiple failed login but it still get processed by php. I want to take it further that the bot is blocked at network level, so it doesn't affect performance badly. yesterday my wordpress blog login page got hammered, and i must disabled php-fpm to access my vps.
7
Addons / Re: Multi Tenancy - Multi Forums Via Various Domains In A Single Installation
Last post by Spuds -
Good place to start ...

I've been working on 2.0 Addons and have made several changes and added new features/functions to help addon authors.

The main updates (that I will push to Github this week) allow installing addons in the Addon directory instead of only the ElkArte directory.  This can help with organization.  It uses the Addon namespace, so you add a directory under Addons like Addons\MyStuff and then in MyStuff.php you would use namespace Addons\MyStuff; filenames and directories need to match for the autoloader to work properly.

Also added a several functions to help work with the new menu system, basically helpers like insertSubsection() and insertSection() which allow adding new menu items easily.
8
Addons / Re: [ADDON] Google Member Map
Last post by Spuds -
Another one that has been updated to work with 2.0 :D

I don't recall adding any new features, but did clean up the JS considerably since this version will only support 2.0.  Improved its performance when there are large numbers of pins.

I did remove the export of KML map data feature as unnecessary bloat.

No  package just yet.

9
Addons / Re: [ADDON] Fancybox
Last post by Spuds -
Just a quick bump .... I've done the updates so this will work with Elk 2.0 (no package yet)

Updated the Javascript so it is cleaner and works with 2.0

Kept the same fancybox version as previous release as that was the last one that had a compatible license.

Added the ability to show the thumbnail navigation below the image, previous versions only allowed it on the side (see pic)