Hi,
I want to protect my OTRS server against brute force attacks and I've seen a couple of ideas in this forum suggesting fail2ban.
I am not a Linux person, however from what I understand fail2ban monitors log files for patterns that indicate failed logons.
I checked all possible logs that I can think of - OTRS and Apache, but I didn't see any records of failed logons of my simulated tests.
Please let me know specifically which log(s) are used by OTRS to record failed logons, and whether I need to raise the verbosity of the log(s) in question to have failed logons logged.
Thank you.
What logs to monitor with fail2ban?
Moderator: crythias