[FEATURE] Raise user authentication log severity
authorArjen Hoekema <arjenhoekema@gmail.com>
Wed, 23 May 2012 08:09:58 +0000 (10:09 +0200)
committerChristian Kuhn <lolli@schwarzbu.ch>
Sat, 30 Jun 2012 12:54:14 +0000 (14:54 +0200)
Raise the syslog severity for user authentication failures from 0
(info) to 2 (warning). Log scanners like 'fail2ban' can be used to
detect login errors without setting the syslog severity level to 'info'.

Change-Id: Id08f71ef281631326c4b4a75a62088876604c82d
Resolves: #36979
Releases: 6.0
Reviewed-on: http://review.typo3.org/11517
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
typo3/sysext/sv/class.tx_sv_auth.php

index d1fea74..fc71d34 100644 (file)
@@ -125,7 +125,7 @@ class tx_sv_auth extends tx_sv_authbase {
                                                        $this->login['uname']
                                                ),
                                                'Core',
-                                               0
+                                               t3lib_div::SYSLOG_SEVERITY_WARNING
                                        );
                                } else {
                                        if ($this->writeDevLog) {
@@ -151,7 +151,7 @@ class tx_sv_auth extends tx_sv_authbase {
                                                $this->login['uname']
                                        ),
                                        'Core',
-                                       0
+                                       t3lib_div::SYSLOG_SEVERITY_WARNING
                                );
                        }
                }
@@ -179,7 +179,7 @@ class tx_sv_auth extends tx_sv_authbase {
                                        t3lib_div::sysLog(
                                                sprintf( "Login-attempt from %s (%s), username '%s', password not accepted!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'] ),
                                                'Core',
-                                               0
+                                               t3lib_div::SYSLOG_SEVERITY_WARNING
                                        );
                                }
                                if ($this->writeDevLog) {
@@ -195,7 +195,7 @@ class tx_sv_auth extends tx_sv_authbase {
                                        t3lib_div::sysLog(
                                                sprintf( "Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST'] ),
                                                'Core',
-                                               0
+                                               t3lib_div::SYSLOG_SEVERITY_WARNING
                                        );
                                }
                                $OK = FALSE;