1. First download the Roundcube Fail2ban plugin from http://mattrude.com/projects/roundcube-fail2ban-plugin/:
roundcube-fail2ban-plugin.1.1.tgz
2. Extract the downloaded file, rename the extracted folder to fail2ban, and place it under /roundcubemail/plugins.
3. fail2ban must be installed on the system:
sudo apt-get update
sudo apt-get install fail2ban
4. Edit /etc/fail2ban/jail.conf, find the following section, and modify it as follows:
# Monitor roundcube server
[roundcube-auth]
# The default is false; change it to true to enable this jail
enabled = true
filter = roundcube-auth
port = http,https
# The name and location of the Roundcube login log file must be specified here
logpath = /var/www/roundcubemail/logs/userlogins
5. Edit /etc/fail2ban/filter.d/roundcube-auth.conf and set failregex as follows:
failregex = ^.*FAILED login for .*. from <HOST>
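6. Next, login logging must be enabled in Roundcube's configuration. Edit the Roundcube configuration file config.inc.php, usually located in the config folder under the roundcube folder, and add the following setting:
$config['log_logins'] = true;
7. Log in to Roundcube with any account so that the system creates the userlogins log file.
8. Restart fail2ban: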
sudo service fail2ban restart
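
To check that the failregex from step 5 picks the right address out of the userlogins log before relying on the jail, the following added example (not part of the original page or of the plugin) runs that regex over constructed log lines and approximates fail2ban's counting. The log line layout, the IPv4-only stand-in for <HOST>, and the maxretry/findtime values are assumptions made for this example.

```python
import re
from collections import defaultdict
from datetime import datetime

# failregex from step 5. fail2ban expands <HOST> itself; the IPv4-only
# pattern substituted here is a simplification for this example.
FAILREGEX = r"^.*FAILED login for .*. from <HOST>"
PATTERN = re.compile(
    FAILREGEX.replace("<HOST>", r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"))
STAMP = re.compile(r"^\[(?P<ts>[^\]]+)\]")

# Constructed sample lines (assumed layout), not taken from a real server.
SAMPLE_LOG = """\
[12-Mar-2015 10:00:01 +0800]: FAILED login for alice from 203.0.113.7
[12-Mar-2015 10:00:09 +0800]: FAILED login for alice from 203.0.113.7
[12-Mar-2015 10:00:15 +0800]: Successful login for bob (ID: 4) from 198.51.100.20
[12-Mar-2015 10:00:21 +0800]: FAILED login for admin from 203.0.113.7
[12-Mar-2015 10:05:00 +0800]: FAILED login for carol from 198.51.100.20
[12-Mar-2015 10:30:00 +0800]: FAILED login for carol from 198.51.100.20
[12-Mar-2015 11:00:00 +0800]: FAILED login for carol from 198.51.100.20
"""

def failures(log_text):
    """Return (timestamp, host) for every line the failregex matches."""
    hits = []
    for line in log_text.splitlines():
        m, ts = PATTERN.search(line), STAMP.match(line)
        if m and ts:
            when = datetime.strptime(ts.group("ts"), "%d-%b-%Y %H:%M:%S %z")
            hits.append((when, m.group("host")))
    return hits

def hosts_to_ban(log_text, maxretry=3, findtime=600):
    """Hosts with at least maxretry failures inside any findtime-second window."""
    by_host = defaultdict(list)
    for when, host in failures(log_text):
        by_host[host].append(when)
    banned = set()
    for host, times in by_host.items():
        times.sort()
        for i in range(len(times) - maxretry + 1):
            span = (times[i + maxretry - 1] - times[i]).total_seconds()
            if span <= findtime:
                banned.add(host)
                break
    return banned

if __name__ == "__main__":
    for when, host in failures(SAMPLE_LOG):
        print(when.isoformat(), host)
    print("would ban:", sorted(hosts_to_ban(SAMPLE_LOG)))
```

On the server itself, fail2ban-regex /var/www/roundcubemail/logs/userlogins /etc/fail2ban/filter.d/roundcube-auth.conf runs the installed filter against the real log file.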
For Fail2ban configuration, see: