Log failed accesses option

.env.example.complete

@@ -267,3 +267,9 @@ API_MAX_ITEM_COUNT=500
 
 # The number of API requests that can be made per minute by a single user.
 API_REQUESTS_PER_MIN=180
+
+# Failed access
+# message to log into webserver logs in case of failed access, for further processing by tools like Fail2Ban
+# Apache users should use : user "%u" authentication failure for "BookStack"
+# Nginx  users should use : user "%u" was not found in "BookStack"
+FAILED_ACCESS_MESSAGE=''

app/Http/Controllers/Auth/LoginController.php

@@ -169,15 +169,20 @@ class LoginController extends Controller
     }
 
     /**
-     * Log failed accesses, matching the default fail2ban nginx/apache auth rules.
+     * Log failed accesses, for further processing by tools like Fail2Ban
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return void
       */
-    protected function logFailedAccess(Request $request)
+    protected function logFailedAccess($request)
     {
-        if (isset($_SERVER['SERVER_SOFTWARE']) && preg_match('/nginx/i', $_SERVER['SERVER_SOFTWARE'])) {
+        $log_msg = env('FAILED_ACCESS_MESSAGE', '');
-             error_log('user "' . $request->get($this->username()) . '" was not found in "BookStack"', 4);
+
-         } else {
+        if (!is_string($request->get($this->username())) || !is_string($log_msg) || strlen($log_msg)<1)
-             error_log('user "' . $request->get($this->username()) . '" authentication failure for "BookStack"', 4);
+            return;
-         }
+
+        $log_msg = str_replace("%u", $request->get($this->username()), $log_msg);
+        error_log($log_msg, 4);
     }
 
 }