I would like to protect PhPmyadmin login against bruteforce attacks with fail2ban How can I enable log failed logins in phpmyadmin and what filter should I use in fail2ban for phpmyadmin could somebody writes the steps what I should do my phpmyadmin running port 9000
I have tried to add these lines to /etc/apache2/conf-available/phpmyadmin.conf
<VirtualHost *:80>
ServerName 127.0.0.1
DocumentRoot /usr/share/phpmyadmin
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %{userID}n % {userStatus}n" pma_combined
CustomLog /var/log/apache2/phpmyadmin_access.log pma_combined
</VirtualHost>
And then
make a filter in
/etc/fail2ban/filter.d/phpmyadmin.conf
[Definition]
denied = mysql-denied|allow-denied|root-denied|empty-denied
failregex = ^<HOST> -.*(?:%(denied)s)$
ignoreregex =
Finally add jail in /etc/fail2ban/jail.local
[phpmyadmin]
enabled = true
port = http,https
filter = phpmyadmin
logpath = /var/log/apache2/phpmyadmin_access.log