From 1067070e023e2e218d89b2fb455e90c7bf97fc46 Mon Sep 17 00:00:00 2001
From: lapineige <lapineige@users.noreply.github.com>
Date: Tue, 20 Apr 2021 09:48:07 +0200
Subject: [PATCH] Add fail2ban for the API

---
 scripts/install | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/scripts/install b/scripts/install
index 8a0babd..e1d6c5b 100755
--- a/scripts/install
+++ b/scripts/install
@@ -135,6 +135,12 @@ ynh_replace_string --match_string="__PHPVERSION__" --replace_string=$phpversion
 cp ../conf/freshrss.cron "$cron_path"
 chmod 644 "$cron_path"
 
+#=================================================
+# SETUP FAIL2BAN
+#=================================================
+
+ynh_add_fail2ban_config_temp "/var/log/nginx/$domain-access.log" ".* - - .*\/api\/[a-z]*(.php)\/accounts\/ClientLogin\?Email=[a-z]*&Passwd=[a-z]* HTTP.* 401 .*" 12 # 10 retries should be enough to permit some tests with (for instance) an app client
+
 #=================================================
 # GENERIC FINALIZATION
 #=================================================