Skip to content

Ioan

My feedback

1 result found

  1. 180 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    An error occurred while saving the comment
    Ioan commented  · 

    Till this suggestion will pass the review phase Linux users could use fail2ban (www.fail2ban.org) and Axigen security log (introduced from version 9) to block IP addresses.

    More details about this implementation could be found in [1].

    As @Gabriel has posted the most important issue is to take into consideration that an attack from a NATed PC will trigger a block for the WAN IP and this an increase of support tickets to the server support team will be observed,

    Because of the IPv6 support (which will be introduced with Axigen 10) blocking IPs will be a more difficult process and, in my opinion, a better approach could be to introduce a delay at each failed login (which could double at each failure) making the dictionary password attack nonfunctional.

    [1] https://www.axigen.com/forum/forum/support-discussion-lists/feature-requests/4154-brute-force-fail2ban-style-protection?p=23209#post23209

Feedback and Knowledge Base