BookStack icon indicating copy to clipboard operation
BookStack copied to clipboard
verified publisher icon BookStackApp

Authentication Fails logged to webGUI and/or PHP/HTTPD

Open BloodyIron opened this issue 1 year ago • 0 comments

Describe the feature you'd like

As far as I know Environment Variable "LOG_FAILED_LOGIN_MESSAGE" is false/off by default, and setting it to a string defines the string that is logged to PHP/HTTPD (Apache? NGINX? whatever) when a user fails to login (username+password).

I don't see this actually logging, but that might be due to the linuxserver docker image that I'm using.

That being said, I really would like to also have the ability to log these fails to the Bookstack "Audit Log" section in the Bookstack webGUI, so that it is at least somewhat visible in that area. Right now only successful authentications show up there, and seemingly fails do not.

Describe the benefits this would bring to existing BookStack users

It would help me get more visibility on any potential login abuse or user error that would not be visible, or harder to see, without this. Plus this also improves consistency in the functionality of the "Audit Log" within the webGUI for Bookstack.

Can the goal of this request already be achieved via other means?

Not that I know of.

Have you searched for an existing open/closed issue?

  • [X] I have searched for existing issues and none cover my fundamental request

How long have you been using BookStack?

3 months to 1 year

Additional context

No response

BloodyIron avatar Jun 12 '24 20:06 BloodyIron