[Mailman-Users] Limiting number of failed login attempts
mark at msapiro.net
Sun Oct 4 03:58:21 CEST 2015
On 10/3/15 11:51 AM, Aditya Jain wrote:
> Thanks! At the moment I don't have a separate IP for mailman. Therefore
> I cannot use fail2ban. But hopefully, a really long password should be
> enough to discourage a simple brute force.
I'm not sure if you understand fail2ban. See
fail2ban runs on (in this case) the machine on which Mailman's web
interface runs. It monitors the web server logs and looks for (in this
case) a minimum number of 401 errors within a given time window from a
single IP and if found uses iptables or similar to block access from
that IP for a defined time.
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users