How to log failed login attempts (Ubuntu)

  • Login: Attempted login user
  • Failures: Failed login attempts
  • Maximum: Allowed login failures before disabling the account
  • Latest: Date and time of last failed login
  • On: Where the failed login occurred

Step 1 – Enable pam_tally.so in /etc/pam.d/common-auth

Add the following lines to the top of the file:

 

Step 2 – Enable pam_tally.so in /etc/pam.d/sshd

Add the following lines immediately before  @include common-auth:

 

Step 3 – Enable PAM in /etc/ssh/sshd_config

Step 4 – Restart ssh

How to display an Nginx status page using stub_status

This short guide explains how to display Nginx statistics when a certain location is requested, usually at /nginx_status.  For more information see the HttpStubStatusModule wiki page.

Step 1 – Compile Nginx with HttpStupStatusModule

Displaying Nginx’s status requires the HttpStubStatusModule.  This module is not included by default during compilation.  If you installed Nginx from a package, it may have been included.

Pass the following flag during configuration to include HttpStubStatusModule:

Step 2 – Add location to site’s configuration file

Add the following to your site’s configuration file, optionally replacing /nginx_status with a custom location.

  • stub_status on indicates this location has a special function.  Rather than displaying a file or directory, only statistics for Nginx will be shown.
  • access_log off disables logging for this location.

Step 3 – Limit access to the status page

Note that the status page by default will be public.  To keep it private, consider:

  • Using a custom location that is hard to guess
  • Password protecting the page
  • Limiting the page to only your IP address