[Mailman-Users] Limiting number of failed login attempts
Mark Sapiro
mark at msapiro.net
Sun Oct 4 03:58:21 CEST 2015
On 10/3/15 11:51 AM, Aditya Jain wrote:
>
> Thanks! At the moment I don't have a separate IP for mailman. Therefore
> I cannot use fail2ban. But hopefully, a really long password should be
> enough to discourage a simple brute force.
I'm not sure if you understand fail2ban. See
<http://www.fail2ban.org/wiki/index.php/Main_Page>.
fail2ban runs on (in this case) the machine on which Mailman's web
interface runs. It monitors the web server logs and looks for (in this
case) a minimum number of 401 errors within a given time window from a
single IP and if found uses iptables or similar to block access from
that IP for a defined time.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list