How can I implement an bad list in a WebService using PHP

I have an public API how needs authenticat开发者_StackOverflowion and block all users who try brute force...

I'm thinking in log all operations in /var/log/auth.log using syslog, and configure fail2ban to add IP from user in deny list of iptables.

This is a good solution? Any ideas?

If you're writing your log entries in a format similar to many other services, than there's quite a few different services that you could use to block access to your system:

• DenyHosts
• Sshguard
• fail2ban

Sshguard seems quite nice as it has modular backends and supports quite a range of different log formats including: ssh, sendmail, exim, dovecot, pureftpd, and vsftpd.