[Mailman-Users] Brute force attacks on mailman web ui
mailman-admin at uni-konstanz.de
Mon Apr 16 03:08:43 EDT 2018
Am 16.04.2018 um 00:53 schrieb Steven Jones:
> We are currently under brute force attack on our mailman server's web ui.
> Is there anything / feature that Mailman has that can be used to watch/monitor it?
> Sadly I think we'll have to remove it off the Internet.....
This is not a mailman specific problem.
Brute Force attempts can only be mitigated by e.g. fail2ban.
It monitors your log files and will block access for IPs that try to
login too often with invalid credentials for a short time.
This will only catch IPs which try multiple times.
A DDoS with constantly changing IPs will still hurt you.
More information about the Mailman-Users