Catch failed login attempts (on local server)

Couldn’t find any information about this so I guess I have an idea for y’all :smiley:

I’m testing a local server that I now have exposed to the dreaded internet :grimacing: The inevitably result of this is people from around the world tries to gain access to my poor server and do malicious things. I’ve taken the “standard” precautions to monitor and ban IP’s after failed login attempts to other services and restricted access (where applicable) to know hosts.

But I have no idea about who’s doing what with BlynkServer.jar(!) The only trace I could find from a failed attempt was when I entered wrong credentials in the App. blynk.log said:

WARN - User 'xxx@gmail.com' credentials are wrong. /94.x.x.x:27262

I would be happy if there was some standard formatted output to e.g. syslog, auth.log or blynk.log containing info about connections and (most of all) failed login attempts. A “log-based intrusion prevention tool” would hopefully do the rest and block unwanted activities :slight_smile:

Yes, I’m using Linux! No, I don’t care about Windows. :rofl:

Linux 4.4.0-104-generic #127-Ubuntu SMP Mon Dec 11 12:16:42 UTC 2017 x86_64 GNU/Linux