docs: improve fail2ban filter

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -20,22 +20,32 @@ body:
       render: Text
       description: |
         Enter the version of FileBrowser you are using.
+    validations:
+      required: true
   - type: textarea
     attributes:
       label: Description
       description: |
         A clear and concise description of what the issue is about. What are you trying to do?
+    validations:
+      required: true
   - type: textarea
     attributes:
       label: What did you expect to happen?
+    validations:
+      required: true
   - type: textarea
     attributes:
       label: What actually happened?
+    validations:
+      required: true
   - type: textarea
     attributes:
       label: Reproduction Steps
       description: |
         Tell us how to reproduce this issue. How can someone who is starting from scratch reproduce this behavior as minimally as possible?
+    validations:
+      required: true
   - type: textarea
     attributes:
       label: Files

CHANGELOG.md

@@ -2,6 +2,13 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [2.34.2](https://github.com/filebrowser/filebrowser/compare/v2.34.1...v2.34.2) (2025-06-29)
+
+
+### Bug Fixes
+
+* mitigate unprotected shares ([2b5d6cb](https://github.com/filebrowser/filebrowser/commit/2b5d6cbb996a61a769acc56af0acc12eec2d8d8f))
+
 ### [2.34.1](https://github.com/filebrowser/filebrowser/compare/v2.34.0...v2.34.1) (2025-06-29)
 
 

frontend/src/components/prompts/Share.vue

@@ -32,16 +32,6 @@
                 <i class="material-icons">content_paste</i>
               </button>
             </td>
-            <td class="small" v-if="hasDownloadLink()">
-              <button
-                class="action copy-clipboard"
-                :aria-label="$t('buttons.copyDownloadLinkToClipboard')"
-                :title="$t('buttons.copyDownloadLinkToClipboard')"
-                @click="copyToClipboard(buildDownloadLink(link))"
-              >
-                <i class="material-icons">content_paste_go</i>
-              </button>
-            </td>
             <td class="small">
               <button
                 class="action"
@@ -142,7 +132,7 @@
 <script>
 import { mapActions, mapState } from "pinia";
 import { useFileStore } from "@/stores/file";
-import { share as api, pub as pub_api } from "@/api";
+import { share as api } from "@/api";
 import dayjs from "dayjs";
 import { useLayoutStore } from "@/stores/layout";
 import { copy } from "@/utils/clipboard";
@@ -257,14 +247,6 @@ export default {
     buildLink(share) {
       return api.getShareURL(share);
     },
-    hasDownloadLink() {
-      return (
-        this.selected.length === 1 && !this.req.items[this.selected[0]].isDir
-      );
-    },
-    buildDownloadLink(share) {
-      return pub_api.getDownloadURL(share);
-    },
     sort() {
       this.links = this.links.sort((a, b) => {
         if (a.expire === 0) return -1;

www/docs/deployment.md

@@ -0,0 +1,34 @@
+## Fail2ban
+
+File Browser does not natively support protection against brute force attacks. Therefore, we suggest using something like [fail2ban](https://github.com/fail2ban/fail2ban), which takes care of that by tracking the logs of your File Browser instance. For more information on how fail2ban works, please refer to their [wiki](https://github.com/fail2ban/fail2ban/wiki).
+
+### Filter Configuration
+
+An example filter configuration targeted at matching File Browser's logs.
+
+```ini
+[INCLUDES]
+before = common.conf
+
+[Definition]
+datepattern = `^%%Y\/%%m\/%%d %%H:%%M:%%S`
+failregex   = `\/api\/login: 403 <HOST> *`
+```
+
+### Jail Configuration
+
+An example jail configuration. You should fill it with the path of the logs of File Browser, as well as the port where it is running at.
+
+```ini
+[filebrowser]
+
+enabled = true
+port = [your_port]
+filter = filebrowser
+logpath = [your_log_path]
+maxretry = 10
+bantime = 10m
+findtime = 10m
+banaction = iptables-allports
+banaction_allports = iptables-allports
+```

www/docs/installation.md

@@ -1,65 +1,60 @@
 # Installation
 
-File Browser is a single binary and can be used as a standalone executable. Although, some might prefer to use it with [Docker](https://www.docker.com) or [Caddy](https://caddyserver.com), which is a fantastic web server that enables HTTPS by default. Its installation is quite straightforward independently on which system you want to use.
+File Browser is a single binary and can be used as standalone executable. However, it is also available as a [Docker](https://www.docker.com) image. The installation and first time setup is quite straightforward independently of which system you use.
 
-## Quick Setup
+## Binary
 
-The quickest way for beginners to start using File Browser is by opening your terminal and executing the following commands:
+The quickest and easiest way to install File Browser is to use a package manager, or our download script, which automatically fetches the latest version of File Browser for your platform.
 
-### Brew
+=== "Brew"
 
-```sh
+    ```sh
-brew tap filebrowser/tap
+    brew tap filebrowser/tap
-brew install filebrowser
+    brew install filebrowser
-filebrowser -r /path/to/your/files
+    filebrowser -r /path/to/your/files
-```
+    ```
 
-### Unix
+=== "Unix"
 
-```sh
+    ```sh
-curl -fsSL https://raw.githubusercontent.com/filebrowser/get/master/get.sh | bash
+    curl -fsSL https://raw.githubusercontent.com/filebrowser/get/master/get.sh | bash
-filebrowser -r /path/to/your/files
+    filebrowser -r /path/to/your/files
-```
+    ```
 
-### Windows
+=== "Windows"
 
-```sh
+    ```sh
-iwr -useb https://raw.githubusercontent.com/filebrowser/get/master/get.ps1 | iex
+    iwr -useb https://raw.githubusercontent.com/filebrowser/get/master/get.ps1 | iex
-filebrowser -r /path/to/your/files
+    filebrowser -r /path/to/your/files
-```
+    ```
 
-### Configuring
+File Browser is now up and running. Read some [first boot](#first-boot) for more information.
-
-Done! It will bootstrap a database in which all the configurations and users are stored. Now, you can see on your command line the address in which your instance is running. You just need to go to that URL and use the following credentials:
-
-* Username: `admin`
-* Password: (printed in your console)
-
-Although this is the fastest way to bootstrap an instance, we recommend you to take a look at other possible options, by checking `config init --help` and `config set --help`, to make the installation as safe and customized as it can be.
 
 ## Docker
 
 File Browser is available as two different Docker images, which can be found on [Docker Hub](https://hub.docker.com/r/filebrowser/filebrowser).
 
-### Alpine
+=== "Alpine"
 
-```sh
+    The 
-docker run \
+
+    ```sh
+    docker run \
       -v /path/to/srv:/srv \
       -v /path/to/database:/database \
       -v /path/to/config:/config \
       -p 8080:80 \
       filebrowser/filebrowser
-```
+    ```
 
-The default user has PID 1000 and GID 1000. Please make sure that this user has access to the different mounted volumes. To change the user running inside the Docker image, you need to use the [`--user` flag](https://docs.docker.com/engine/containers/run/#user).
+    The default user has PID 1000 and GID 1000. Please make sure that this user has access to the different mounted volumes. To change the user running inside the Docker image, you need to use the [`--user` flag](https://docs.docker.com/engine/containers/run/#user).
 
-### s6 overlay
+=== "s6 overlay"
 
-The `s6` image is based on LinuxServer and leverages the [s6-overlay](https://github.com/just-containers/s6-overlay) system for a standard, highly customizable image. It should be used as follows:
+    The `s6` image is based on LinuxServer and leverages the [s6-overlay](https://github.com/just-containers/s6-overlay) system for a standard, highly customizable image. It should be used as follows:
 
-```shell
+    ```shell
-docker run \
+    docker run \
       -v /path/to/srv:/srv \
       -v /path/to/database:/database \
       -v /path/to/config:/config \
@@ -67,9 +62,7 @@ docker run \
       -e PGID=$(id -g) \
       -p 8080:80 \
       filebrowser/filebrowser:s6
-```
+    ```
-
-### Notes
 
 Where:
 
@@ -78,3 +71,17 @@ Where:
 - `/path/to/database` contains a `filebrowser.db` file
 
 Both `settings.json` and `filebrowser.db` will automatically be initialized if they don't exist.
+
+File Browser is now up and running. Read some [first boot](#first-boot) for more information.
+
+## First Boot
+
+Your instance is now up and running. File Browser will automatically bootstrap a database, in which the configuration and the users are stored. You can find the address in which your instance is running, as well as the randomly generated password for the user `admin`, in the console logs.
+
+> [!WARNING]
+>
+> The automatically generated password for the user `admin` is only displayed once. If you fail to remember it, you will need to manually delete the database and start File Browser again.
+
+Although this is the fastest way to bootstrap an instance, we recommend you to take a look at other possible options, by checking `config init --help` and `config set --help`, to make the installation as safe and customized as it can be.
+
+If your goal is to have a public-facing deployment, we recommend taking a look at the [deployment](deployment.md) page for more information on how you can secure your installation.

www/mkdocs.yml

@@ -97,8 +97,10 @@ extra:
 
 nav:
   - Home: index.md
+  - Getting Started:
     - Installation: installation.md
     - Configuration: configuration.md
+    - Deployment: deployment.md
   - Contributing:
     - Contributing: contributing.md
     - Code of Conduct: code-of-conduct.md