Friendica has a build in command console you can find in the bin directory. The console provides the following commands:
Please consult bin/console help on the command line interface of your server for details about the commands.
In addition to the tools Friendica includes, some 3rd party tools can make your admin days easier.
Fail2ban is an intrusion prevention framework (see Wikipedia) that you can use to forbid access to a server under certain conditions, e.g. 3 failed attempts to log in, for a certain amount of time.
The following configuration was provided by Steffen K9 using Debian. You need to adjust the logpath in the jail.local file and the bantime (value is in seconds).
In /etc/fail2ban/jail.local create a section for Friendica:
enabled = true
findtime = 300
bantime = 900
filter = friendica
port = http,https
logpath = /var/log/friend.log
logencoding = utf-8
And create a filter definition in /etc/fail2ban/filter.d/friendica.conf:
failregex = ^.*authenticate\: failed login attempt.*\"ip\"\:\"<HOST>\".*$
Additionally you have to define the number of failed logins before the ban should be activated. This is done either in the global configuration or for each jail separately. You should inform your users about the number of failed login attempts you grant them. Otherwise you'll get many reports about the server not functioning if the number is too low.
If you have activated the logs in Friendica, be aware that they can grow to a significant size. To keep them in control you should add them to the automatic log rotation, e.g. using the logrotate command.
In /etc/logrotate.d/ add a file called friendica that contains the configuration. The following will compress /var/log/friendica (assuming this is the location of the log file) on a daily basis and keep 2 days of back-log.