starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-03-01 11:19:52 +03:00
Code Issues 32 Packages Projects Releases 12 Wiki Activity

Logs missing for wrong logins #699

New Issue
Closed
opened 2026-02-04 22:15:45 +03:00 by OVERLORD · 3 comments
OVERLORD commented 2026-02-04 22:15:45 +03:00
Owner
Copy Link

Originally created by @Jungack on GitHub (May 4, 2020).

Hello,
I am trying to turn on logging. I am running Debian 10 and Bitwarden_rs with MariaDB, all behind Nginx proxy using shauder config from https://github.com/dani-garcia/bitwarden_rs/wiki/Proxy-examples.
(I have only added two lines and removed the auth basic thing for admin page. This are the added lines :
access_log /var/log/nginx/bitwarden.access;
error_log /var/log/nginx/bitwarden.error;)
I also use systemd according to your wiki : https://github.com/dani-garcia/bitwarden_rs/wiki/Setup-as-a-systemd-service. My installation directory is /opt/bitwarden_rs/target/release/ : in fact, I did not move any files.

So here is the problem : I activated the logs according to this wiki page : https://github.com/dani-garcia/bitwarden_rs/wiki/Logging. So I have edited the .env file in /opt/bitwarden_rs/target/release/.env and enabled LOG_FILE=/data/bitwarden.log which I set to LOG_FILE=/opt/bitwarden_rs/target/release/data/bitwarden_rs.log. I have then enabled EXTENDED_LOGGING=true. All the other options concerning logging were removed. When I start Bitwarden_rs using sudo systemctl start bitwarden_rs.service, or cargo run --features mysql --release, It logs It in the file I mentionned. When I have created a new user, It also logs It.

However, when I try fail attempts, It does not anything. How is It possible? I want to set up Fail2ban up, but can't do anything yet and looked for a solution for several hours now. Thanks for help !

Originally created by @Jungack on GitHub (May 4, 2020). Hello, I am trying to turn on logging. I am running Debian 10 and Bitwarden_rs with MariaDB, all behind Nginx proxy using shauder config from [https://github.com/dani-garcia/bitwarden_rs/wiki/Proxy-examples](url). (I have only added two lines and removed the auth basic thing for admin page. This are the added lines : `access_log /var/log/nginx/bitwarden.access;` `error_log /var/log/nginx/bitwarden.error;`) I also use systemd according to your wiki : [https://github.com/dani-garcia/bitwarden_rs/wiki/Setup-as-a-systemd-service](url). My installation directory is `/opt/bitwarden_rs/target/release/` : in fact, I did not move any files. So here is the problem : I activated the logs according to this wiki page : [https://github.com/dani-garcia/bitwarden_rs/wiki/Logging](url). So I have edited the `.env` file in `/opt/bitwarden_rs/target/release/.env` and enabled `LOG_FILE=/data/bitwarden.log` which I set to `LOG_FILE=/opt/bitwarden_rs/target/release/data/bitwarden_rs.log`. I have then enabled `EXTENDED_LOGGING=true`. All the other options concerning logging were removed. When I start Bitwarden_rs using `sudo systemctl start bitwarden_rs.service`, or `cargo run --features mysql --release`, It logs It in the file I mentionned. When I have created a new user, It also logs It. However, when I try fail attempts, It does not anything. How is It possible? I want to set up Fail2ban up, but can't do anything yet and looked for a solution for several hours now. Thanks for help !
OVERLORD added the better for forum label 2026-02-04 22:15:45 +03:00
OVERLORD commented 2026-02-04 22:15:53 +03:00
Author
Owner
Copy Link

@mqus commented on GitHub (May 4, 2020):

I'm not aware of the particulars of Fail2Ban but here is my setup where I do get the failed logins from bitwarden:
I use it with systemd and the service file as written in the wiki. I'm using caddy but the reverse proxy should not be important for that. I don't have Extended logging enabled and don't log the output of bitwarden_rs to a file but let it print everything. systemd picks it up from there automatically:

I see it in

$ systemctl status bitwarden_rs
● bitwarden_rs.service - Bitwarden Server (Rust Edition)
   Loaded: loaded (/usr/lib/systemd/system/bitwarden_rs.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2020-03-14 09:20:40 CET; 1 months 20 days ago
     Docs: https://github.com/dani-garcia/bitwarden_rs
 Main PID: 15947 (bitwarden_rs)
    Tasks: 20 (limit: 2203)
   Memory: 28.6M
   CGroup: /system.slice/bitwarden_rs.service
           └─15947 /usr/bin/bitwarden_rs

May 04 00:10:29 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:29][request][INFO] POST /api/accounts/prelogin
May 04 00:10:29 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:29][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK
May 04 00:10:29 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:29][request][INFO] POST /identity/connect/token
May 04 00:10:31 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:31][error][ERROR] Username or password is incorrect. Try again. IP: 10.10.10.10. Username: fakeaccount@email.com.
May 04 00:10:32 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:32][response][INFO] POST /identity/connect/token (login) => 400 Bad Request

after starting it with systemctl start bitwarden_rs.

I'm currently running bitwarden_rs v1.14, haven't updated it yet. What version are you using? Do you see other logs from that failed login, like the ones in my case before the error?

I think fail2ban can also look at the output of systemd/journalctl but simple files should also work. If you have any other questions regarding the .service file, let me know, I wrote that wiki entry ;-)

@mqus commented on GitHub (May 4, 2020): I'm not aware of the particulars of Fail2Ban but here is my setup where I do get the failed logins from bitwarden: I use it with systemd and the service file as written in the wiki. I'm using caddy but the reverse proxy should not be important for that. I don't have Extended logging enabled and don't log the output of bitwarden_rs to a file but let it print everything. systemd picks it up from there automatically: I see it in ``` $ systemctl status bitwarden_rs ● bitwarden_rs.service - Bitwarden Server (Rust Edition) Loaded: loaded (/usr/lib/systemd/system/bitwarden_rs.service; enabled; vendor preset: disabled) Active: active (running) since Sat 2020-03-14 09:20:40 CET; 1 months 20 days ago Docs: https://github.com/dani-garcia/bitwarden_rs Main PID: 15947 (bitwarden_rs) Tasks: 20 (limit: 2203) Memory: 28.6M CGroup: /system.slice/bitwarden_rs.service └─15947 /usr/bin/bitwarden_rs May 04 00:10:29 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:29][request][INFO] POST /api/accounts/prelogin May 04 00:10:29 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:29][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK May 04 00:10:29 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:29][request][INFO] POST /identity/connect/token May 04 00:10:31 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:31][error][ERROR] Username or password is incorrect. Try again. IP: 10.10.10.10. Username: fakeaccount@email.com. May 04 00:10:32 mydomain.com bitwarden_rs[15947]: [2020-05-04 00:10:32][response][INFO] POST /identity/connect/token (login) => 400 Bad Request ``` after starting it with `systemctl start bitwarden_rs`. I'm currently running bitwarden_rs v1.14, haven't updated it yet. What version are you using? Do you see other logs from that failed login, like the ones in my case before the error? I think fail2ban can also look at the output of systemd/journalctl but simple files should also work. If you have any other questions regarding the `.service file`, let me know, I wrote that wiki entry ;-)
OVERLORD commented 2026-02-04 22:15:57 +03:00
Author
Owner
Copy Link

@Jungack commented on GitHub (May 4, 2020):

Ok sorry, I just found the problem after many hours huuh ! It was because I was testing with random letters. Bitwarden only logs failed attempts based on the @ letter. I did not put It for tests for hours now owo (Maybe because on french keyboards It requires two buttons to tap an @ 😣). So much time lost 😂... Thank you anyway for your very fast answer !

@Jungack commented on GitHub (May 4, 2020): Ok sorry, I just found the problem after many hours huuh ! It was because I was testing with random letters. Bitwarden only logs failed attempts based on the @ letter. I did not put It for tests for hours now owo (Maybe because on french keyboards It requires two buttons to tap an @ 😣). So much time lost 😂... Thank you anyway for your very fast answer !
OVERLORD commented 2026-02-04 22:16:01 +03:00
Author
Owner
Copy Link

@mqus commented on GitHub (May 4, 2020):

Yeah in that case I get an "Invalid email adress" error in the web client, which probably doesn't even get sent to the server.
Screenshot_2020-05-04_00-43-30

@mqus commented on GitHub (May 4, 2020): Yeah in that case I get an "Invalid email adress" error in the web client, which probably doesn't even get sent to the server. ![Screenshot_2020-05-04_00-43-30](https://user-images.githubusercontent.com/8398165/80927766-50512380-8da0-11ea-8915-df320f9685dc.png)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
SSO
Third party
better for forum
bug
bug
documentation
duplicate
enhancement
future Vault
future Vault
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
troubleshooting
wontfix
No Label better for forum
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/vaultwarden#699
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?