Authentication Fails logged to webGUI and/or PHP/HTTPD #4823

New Issue

OVERLORD · 2026-02-05T09:18:44+03:00

OVERLORD commented

2026-02-05 09:18:44 +03:00

Originally created by @BloodyIron on GitHub (Jun 12, 2024).

Describe the feature you'd like

As far as I know Environment Variable "LOG_FAILED_LOGIN_MESSAGE" is false/off by default, and setting it to a string defines the string that is logged to PHP/HTTPD (Apache? NGINX? whatever) when a user fails to login (username+password).

I don't see this actually logging, but that might be due to the linuxserver docker image that I'm using.

That being said, I really would like to also have the ability to log these fails to the Bookstack "Audit Log" section in the Bookstack webGUI, so that it is at least somewhat visible in that area. Right now only successful authentications show up there, and seemingly fails do not.

Describe the benefits this would bring to existing BookStack users

It would help me get more visibility on any potential login abuse or user error that would not be visible, or harder to see, without this. Plus this also improves consistency in the functionality of the "Audit Log" within the webGUI for Bookstack.

Can the goal of this request already be achieved via other means?

Not that I know of.

Have you searched for an existing open/closed issue?

I have searched for existing issues and none cover my fundamental request

How long have you been using BookStack?

3 months to 1 year

Additional context

No response

Originally created by @BloodyIron on GitHub (Jun 12, 2024). ### Describe the feature you'd like As far as I know Environment Variable "LOG_FAILED_LOGIN_MESSAGE" is false/off by default, and setting it to a string defines the string that is logged to PHP/HTTPD (Apache? NGINX? whatever) when a user fails to login (username+password). I don't see this actually logging, but that might be due to the linuxserver docker image that I'm using. That being said, I really would like to _also_ have the ability to log these fails to the Bookstack "Audit Log" section in the Bookstack webGUI, so that it is at least somewhat visible in that area. Right now only successful authentications show up there, and seemingly fails do not. ### Describe the benefits this would bring to existing BookStack users It would help me get more visibility on any potential login abuse or user error that would not be visible, or harder to see, without this. Plus this also improves consistency in the functionality of the "Audit Log" within the webGUI for Bookstack. ### Can the goal of this request already be achieved via other means? Not that I know of. ### Have you searched for an existing open/closed issue? - [X] I have searched for existing issues and none cover my fundamental request ### How long have you been using BookStack? 3 months to 1 year ### Additional context _No response_

OVERLORD added the 🔨 Feature Request label 2026-02-05 09:18:44 +03:00

OVERLORD referenced this issue

2026-02-05 10:31:38 +03:00

[PR #4827] [MERGED] Update of entity loading to be more efficient and avoid global addSelects #6413

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#4823