I have Fail2ban running, and here I configured it just to alert me in case of attempts because my Guacamole is running on top of a firewall web portal. It is always the same IP that accesses Guacamole.
jail.conf [guacamole] enabled = true port = http,https,8080,8443 logpath = /var/log/tomcat*/catalina.out action = %(action_mwl)s maxretry = 7 At.te, Luciano de Oliveira --------------------------------------------------- Técnico em Telecomunicações - Registro CFT Infraestrutura de Redes e Servidores ________________________________ De: Nick Couchman <vn...@apache.org> Enviado: quarta-feira, 3 de julho de 2024 12:44 Para: user@guacamole.apache.org <user@guacamole.apache.org> Assunto: Re: fail2ban included On Wed, Jul 3, 2024 at 11:41 AM DEFAULT <he...@wijayas.com.invalid> wrote: Hi, I am using cloudron.io<http://cloudron.io> (https://www.cloudron.io/) as the base, sort of like cpanel, and then Guacamole is installed as a docker. My questions are: * does guacamole has fail2ban included? No, we do not include fail2ban in Guacamole directly; however, it should be relatively easy to set up and install. * if not, then should I install it at the guacamole level or cloudron level? I would say at the Cloudron level - you need to deploy fail2ban in a place where it can monitor the logs of your guacamole container, and then put firewall rules in place to block the traffic. * if at the guacamole level, how do I install and integrate it? I've never done it before, and it isn't something you install in Guacamole; however, others on this forum ave and can probably provide you with instructions. -Nick
