Jan. 30, 2010
1:02 a.m.
Mark Hedges wrote:
Hi... is there any possibility a post with a bad password could return 401 instead of 200... that way fail2ban would automatically block bots that try to hack list manager passwords.
In Mailman/Cgi/Auth.py in the definition of loginpage find
if msg:
msg = FontAttr(msg, color='#ff0000', size='+1').Format()and append
print '401 Unauthorized\n'to make it
if msg:
msg = FontAttr(msg, color='#ff0000', size='+1').Format()
print '401 Unauthorized\n'This is entirely untested, but should work for both failed admin and admindb logins.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan