Problem:
Current security logging only shows IP address 127.0.0.1, which is not useful.
Example Log Message:
Login attempt failed
Login attempt or request with invalid
authentication from
localhost (127.0.0.1). See the log for details.
4 minutes ago
When you check the detailed logs you also see no useful information:
- Login attempt or request with invalid authentication from localhost (127.0.0.1). Requested URL: ‘/auth/login_flow/890cd……1cci8…’. (Mozilla/5.0 (………)
Solution:
-
Log Real IP Addresses:
- Accurate identification of attackers.
- Enhanced monitoring and response to threats.
-
Integrate Fail2Ban:
- Automatic blocking of malicious IPs.
- Proactive real-time defense.
Add-On Proposal:
Offer Fail2Ban as an add-on for better appliance protection.
Missing Feature:
This feature is currently missing in Home Assistant OS, lowering its securitylevel of HA users.
Conclusion:
Improving security logging (show attacker IP address) and integrating Fail2Ban will provide actionable insights and automatic protection, strengthening Home Assistant’s security.
Adopting these proposals will make Home Assistant more robust and reliable for its users.
Call to Action:
To ensure these crucial security features are implemented, I request all Home Assistant users to massively vote for this proposal in the last days of the WTH month now this is still possible.
Your support is essential in making Home Assistant a safer and more secure platform for everyone!
Thank you very much. 
(Please also read my last post on the WTH security feature for allowing security hardware tokens for up-to-date stronger and safer authentication) WTH is there better MFA, U2F/FIDO2? - #3 by Ha20