[Mailman-Users] Limiting number of failed login attempts

Adam McGreggor adam-mailman at amyl.org.uk
Mon Oct 5 12:17:35 CEST 2015


On Sun, Oct 04, 2015 at 11:43:55AM +0530, Aditya Jain wrote:
> On Sunday 04 October 2015 07:28 AM, Mark Sapiro wrote:
> > fail2ban runs on (in this case) the machine on which Mailman's web
> > interface runs. It monitors the web server logs and looks for (in this
> > case) a minimum number of 401 errors within a given time window from a
> > single IP and if found uses iptables or similar to block access from
> > that IP for a defined time.
> >
> I run multiple websites on the same IP and same port. Therefore I was
> looking for something that is inside mailman so that access to other
> websites is not blocked in case the attempts were genuine. For now I
> think I can manage with long passwords.

From the Subject: line, I was going to suggest use of fail2ban…

It doesn't matter if there are other sites/services hosted on the same
machine/address; fail2ban works on patterns matching in logfiles; if
you only want to look at Mailman errors, only configure fail2ban to
look at the Mailman (vhost) logs.

If you've got (brute force attempt) issues from one host / botnet,
preventing access to other things, is surely an added win?


-- 
"To save the world requires faith and courage: faith in reason, 
 and courage to proclaim what reason shows to be true."
    -- Bertrand Russell
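
The setup described in this message, as an added example that is not part of the original post: a fail2ban filter and jail that read only the Mailman vhost's access log and count 401 responses per client IP. The filter/jail name `mailman-auth`, the log path, and the threshold values are assumptions; the access log is assumed to be in the common/combined format with the client address as the first field.

```ini
# ---- /etc/fail2ban/filter.d/mailman-auth.conf (hypothetical filter name) ----
[Definition]
# Match any GET/POST in this log that was answered with HTTP 401.
# <HOST> is anchored at the start of the line, so the address comes from
# the server-written client field and not from request-controlled fields
# such as the referrer or user agent.
failregex = ^<HOST> \S+ \S+ .*"(?:GET|POST) [^"]*" 401\s
ignoreregex =

# ---- /etc/fail2ban/jail.local ----
[mailman-auth]
enabled  = true
filter   = mailman-auth
# Only the Mailman vhost's own access log is watched (assumed path).
# 401s logged by other sites on the same IP and port go to other files
# and are never counted towards a ban.
logpath  = /var/log/apache2/lists.example.org-access.log
port     = http,https
# Assumed thresholds: 5 failures within 10 minutes bans the IP for 1 hour.
maxretry = 5
findtime = 600
bantime  = 3600
```

Running `fail2ban-regex` with the log file and the filter file as arguments shows which lines the filter matches before the jail is enabled. As the message notes, the resulting ban applies to the source IP on the listed ports, so it covers the other sites on that address as well.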

