[web-dolibarr-hackattempt]

; rule against bruteforce hacking (login + api)
enabled = true
port    = http,https
filter  = web-dolibarr-hackattempt
logpath = /mypath/documents/documents/dolibarr.log
action  = %(action_mw)s
bantime  = 86400     ; 1 day
findtime = 3600      ; 1 hour
maxretry = 3         ; 5 hack attempts in 1 hour, we ban