Hi Guys
If an approved user attempts to log in to WEBMIN we get an entry in /var/log/auth.log like
May 11 16:21:10 server1 perl: pam_unix(webmin:session): session opened for user domain by (uid=0)
May 11 16:21:10 domain webmin[1727]: Successful login as first.name.domain from 230…xxx.xxx.xxxCoded
If someone (unauthorised) attempts to log in to WEBMIN we get an entry in /var/log/auth.log like
May 11 12:34:32 server1 webmin[26336]: Non-existent login as xxx from 230…xxx.xxx.xxx
May 11 12:34:35 server1 webmin[26337]: Non-existent login as xxxaaa from 230…xxx.xxx.xxxCoded
If an approved user attempts to log in to USERMIN we get an entry in /var/log/auth.log like
May 11 15:18:38 server1 perl: pam_unix(usermin:session): session opened for user first.name.domain by (uid=0)
If someone (unauthorised) attempts to log in to USERMIN there appears to be nothing?
Where are the unauthorised attempts logged for USERMIN.
If they are not logged then they should be so that programs like fail2ban can be used to ban the IP Addresses. If USERMIN does not log failed attempts then this should be pointed out to the developers.
Thanks
Allan