Recent content by SinišaB

Found it: /var/log/apache2/other_vhosts_access.log Thank you, IgorG!

Hello! I was unable to find the HTTP log in which the access to the mailman web interface is logged. Looking into the apache VirtualHost and ServerNAme "list" in /etc/apache2/plesk.conf.d/server.conf, I see there are no log definitions at all. Can someone please help? Thank you!

We need to be able to lock out an IP after certain number of failed login attempts for any user, not just for those with admin privileges. Current mechanism restricts admin access only, but leaves customers' accounts open to password guessing attacks.

Hello, IgorG, and thanks for replying. Unfortunately, restricting the panel access statically by IP is not an option in many cases. Customers could be .. well.. anywhere. :) I've already heard about future fail2ban integration, I just hope it won't mess up already working f2b installations...

It's unbelievable Plesk still doesn't have a mechanism to protect itself from brute-force login attacks! While we are waiting for authors to make it available as an option in the Admin panel, here's how I do it: Have a look at database "psa", table "log_actions". Plesk logs failed logins...