[Mailman-Users] Fail2ban on the Mailman web interface
Henrique Fagundes
suporte at aprendendolinux.com
Mon Jun 4 10:03:52 EDT 2018
Thank you friend,
With this, I can configure Fail2Ban to stop the attack.
Block the IP on which you tried to log in without success for more than
three consecutive times.
Regards,
Henrique Fagundes
suporte at aprendendolinux.com
Skype: magnata-br-rj
Linux User: 475399
https://www.aprendendolinux.com
https://www.facebook.com/AprendendoLinux
https://youtube.com/AprendendoLinux
https://twitter.com/AprendendoLinux
https://telegram.me/AprendendoLinux
______________________________________________________________________
Participe do Grupo Aprendendo Linux
https://listas.aprendendolinux.com/listinfo/aprendendolinux
Ou envie um e-mail para:
aprendendolinux-subscribe at listas.aprendendolinux.com
Em 03/06/2018 19:53, Mark Sapiro escreveu:
> Mailman reports all authentication failures to the web server with a 401
> status. Here are some typical messages from the Apache access log.
>
> 45.24.217.241 - - [03/Jun/2018:15:41:23 -0700] "POST
> /mailman/options/LISTNAME HTTP/1.1" 401 4532
> "https://www.example.com/mailman/options/LISTNAME" "Mozilla/5.0 (X11;
> Ubuntu; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0"
>
> 45.24.217.241 - - [03/Jun/2018:15:40:46 -0700] "POST
> /mailman/admindb/LISTNAME HTTP/1.1" 401 2715
> "https://www.example.com/mailman/admindb/LISTNAME" "Mozilla/5.0 (X11;
> Ubuntu; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0"
>
> You should be able to recognize those with fail2ban without any
> modification to Mailman's logging.
More information about the Mailman-Users
mailing list