nice work, works flawless, thank you!
Just 2 minor suggestions:

• in your documentation you suggest to name the filter = symfony in the jail.local. Since you also suggest to name the Kimai specific filter #/etc/fail2ban/filter.d/kimai2.conf (and not symfony.conf), the filter name has to be filter = kimai2 in the jail.local
• it would be nice to have some hint about the plugin being installed even though there are no options to configure it within Kimai
  

Hi,

tried to update the plugin to the new 1.1 version in the usual way:

1. remove old plugin directory
2. copy new plugin file over to plugin directory
3. do the kimai:reload
4. adapt file permissions and group

However, step 3 results in this warning:

bin/console kimai:reload --env=prod
PHP Warning:  include(/srv/www/htdocs/kimai_v2/kimai2/vendor/composer/../../var/plugins/Fail2BanBundle/Fail2BanPlugin.php): Failed to open stream: No such file or directory in /srv/www/htdocs/kimai_v2/kimai2/vendor/composer/ClassLoader.php on line 571
PHP Warning:  include(): Failed opening '/srv/www/htdocs/kimai_v2/kimai2/vendor/composer/../../var/plugins/Fail2BanBundle/Fail2BanPlugin.php' for inclusion (include_path='.:/usr/share/php') in /srv/www/htdocs/kimai_v2/kimai2/vendor/composer/ClassLoader.php on line 571

And the plugin is not shown at kimai2.site/en/admin/plugins

Kimai version: 1.22.1
PHP: 8.0
OS: Ubuntu 20

So I tested out if fail2ban was working, as it doesn't generate a fail2ban.log file upon activation. And I noticed a few things which might be worth looking into?

First, the plugin doesn't generate a fail2ban.log file until a failed login-attempt has been made. The problem with this is that fail2ban will crash if a logfile is not found, meaning no protection as the service is terminated.
It will not mention that if you just restart fail2ban (so that is bad on their part), but I think an easy-fix is to just generate an empty file if not exist upon starting kimai?

Second, I tested a failed-login attempt which printed the following entry:

[2022-08-01 15:38:18] fail2ban.ERROR: 127.0.0.1 [] []

I am pretty sure fail2ban won't ban the localhost, but it is pretty curious how it should protect against brute-force logins if this is all the information it gets.

Information:
Kimai version: 1.21 stable
Ubuntu 20.04
plugin version: I cloned the github today, so not sure? I guese 1.1, but I cannot confirm it as it doesn't show up in the plugins-list in the admin-panel.

If you need additional information, feel free to ask!

Debian 10/11
Fail2ban expect a log file:
/var/www/kimai2/var/log/fail2ban.log
that, right after install , doesn't exist (no one has tried to authenticate with wrong credentials yet).

The problem is solved by trying to log in with the wrong credentials once.
It might be helpful to report this in the documentation or create the file.

nb. this is a limitation of fail2ban but it affect the installation process:
fail2ban/fail2ban#1593

Thanks

First of all, I'd like to express my gratitude for creating such an amazing project. Thank you for your hard work and dedication!

I am writing to seek your assistance with implementing Fail2ban for Kimai, which is running in Docker and Nginx, while Fail2ban is running in the host machine.

I've been trying to figure out the best approach for implementing Fail2ban to secure my Kimai installation, but I'm not sure how to configure it properly. I would greatly appreciate any guidance or tips that you may have on this.

Some of the specific issues that I'm encountering include:

• How to configure Fail2ban to monitor the logs of Kimai running in Docker and Nginx on the host machine. I'd like to have fail2ban at that level as I have many other instances already using it. I can't get Kimai to detect the bad login and write it to the syslog. I'm using the following right now in my docker configuration:

• logging:
  driver: "syslog"
  options:
    tag: "kimai-time"
  

• What would be the best Fail2ban filter and regex to use for detecting and banning suspicious activity in Kimai. I'm using the default one you provided.

• Any other considerations or best practices that I should be aware of when implementing Fail2ban for Kimai in Docker.

I would be grateful if you could provide any assistance or point me in the right direction. Thank you again for your amazing project and for any help that you can offer. Thank you!

Cheers.

Steve.

Hi,

I installed the plugin following the README, I rebuild the cache but the plugin does not appear under System - Plugins

Kimai version: 2.0.26
Plugin version: 2.0

Thanks

I'm using kimai/kimai2 Docker image and downloaded v2 of the bundle (even though container reports as 1.30.11 stable (Ayumi). I installed the plugin (extracted, renamed, rebuild cache, fixed permissions) hopefully correctly at least it shows in the Web-GUI and there are no errors in the log. However, testing it with false logins does not log anything. Neither an error in the existing logs nor anything to fail2ban.log (did touch the file and it has the correct permissions). Any ideas where I might have gone wrong?