Has somebody set up a fail2ban filter and jail for XWiki? Would be great if those settings were shared.
More recent versions of XWiki implement authentication security by disabling the account/forcing captcha after a predefined number of failed logins for a certain amount of time.
What would you like to achieve with fail2ban other than that?
Just to use the same as for other services. No big deal, though.
You might try to implement that on your reverse proxy / WAF by filtering the URL “xwiki/bin/loginsubmit/XWiki/XWikiLogin”, and status code 403 for method POST.
Just an idea. Don’t know if that will work …
Personally, I prefer built-in solutions as they tend to be less error-prone, upgrade-safe and have access to more information than fail2ban.
One task on my list is to receive a notification in case a user has been disabled or requested to provide a captcha… just to be aware …
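
The reverse-proxy rule suggested in the thread (POST to the login submit URL answered with 403), as an added example that is not part of any post: a Python sketch of the matching and per-IP counting that a fail2ban filter with `maxretry` and `findtime` would perform. The combined access-log format, the thresholds, and the assumption that failed logins are answered with 403 (which the thread leaves untested) are all assumptions; the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# URL and status code come from the thread; log format and thresholds are assumptions.
LOGIN_PATH = "/xwiki/bin/loginsubmit/XWiki/XWikiLogin"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) ')

def is_failed_login(m):
    """POST to the login submit URL answered with 403 (query string ignored)."""
    path = m["url"].split("?", 1)[0]
    return m["method"] == "POST" and path == LOGIN_PATH and m["status"] == "403"

def offenders(lines, max_retry=3, find_time=timedelta(minutes=10)):
    """Return client IPs with max_retry or more failed logins inside find_time."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still in the window
    flagged = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not is_failed_login(m):
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        window = recent[m["ip"]]
        window.append(ts)
        while ts - window[0] > find_time:  # drop failures older than the window
            window.popleft()
        if len(window) >= max_retry and m["ip"] not in flagged:
            flagged.append(m["ip"])
    return flagged

# Constructed sample lines (documentation-range addresses), not real traffic.
SAMPLE_LOG = [
    f'203.0.113.7 - - [12/Mar/2024:10:00:01 +0000] "POST {LOGIN_PATH} HTTP/1.1" 403 512',
    f'203.0.113.7 - - [12/Mar/2024:10:00:30 +0000] "POST {LOGIN_PATH}?x=1 HTTP/1.1" 403 512',
    f'203.0.113.7 - - [12/Mar/2024:10:01:10 +0000] "POST {LOGIN_PATH} HTTP/1.1" 403 512',
    f'198.51.100.4 - - [12/Mar/2024:10:02:00 +0000] "GET {LOGIN_PATH} HTTP/1.1" 403 512',
    f'198.51.100.4 - - [12/Mar/2024:10:02:05 +0000] "POST {LOGIN_PATH} HTTP/1.1" 302 0',
    f'192.0.2.9 - - [12/Mar/2024:10:05:00 +0000] "POST {LOGIN_PATH} HTTP/1.1" 403 512',
    f'192.0.2.9 - - [12/Mar/2024:10:25:00 +0000] "POST {LOGIN_PATH} HTTP/1.1" 403 512',
    f'192.0.2.9 - - [12/Mar/2024:10:45:00 +0000] "POST {LOGIN_PATH} HTTP/1.1" 403 512',
]

if __name__ == "__main__":
    print(offenders(SAMPLE_LOG))
```

With the default 10-minute window only the burst from one address is flagged; the slow attempts spaced 20 minutes apart stay under the threshold, which is the trade-off any `findtime` setting makes.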