English English

Warning: count(): Parameter must be an array or an object that implements Countable in /var/www/ard-site/templates/ardsite/library/Designer/Content/SingleArticle.php on line 198

Matrix-Synapse - Fail2ban filter

How to create a fail2ban filter for the application "matrix" (matrix-synapse).

Matrix is a chat/messaging server which can be used with the app Riot. We have to create a new filter and add that as a jail to fail2ban.

Important: You need to have at least the version fail2ban 0.9.1, because this filter uses multiple lines for the regex.


Create the filter

# matrix-synapse configuration file

maxlines = 3


# Option:  failregex
# Notes.:  regex to match the password failures messages in the logfile. The
#          host must be matched by a group named "host". The tag "<HOST>" can
#          be used for standard IP/hostname matching and is only an alias for
#          (?:::f{4,6}:)?(?P<host>\S+)
# Values:  TEXT

failregex = .*::ffff:<HOST> - 8448 - Received request: POST.*\n.*Got login request.*\n.*Attempted to login as.*
            .*::ffff:<HOST> - 8448 - Received request: POST.*\n.*Got login request.*\n.*Failed password login.*

# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
ignoreregex =


Add filter to fail2ban jails

Adjust the logpath to your log file, if you use another log file.

enabled = true
filter = matrix-synapse
logpath = /var/log/matrix-synapse/homeserver.log
maxretry = 5

Restart fail2ban to activate the new settings

service fail2ban restart

Important: You have to make the log files smaller, to avoid performance issues in fail2ban. Please make the amount of bytes smaller in the log config file log.yaml.

vim /etc/matrix-synapse/log.yaml


Now you are done.

We use cookies on our website. They are essential for the operation of the site