On 2017-08-30 10:20, Per Jessen wrote:
Paul Groves wrote:
Is it possible to limit the number of login attempts allowed with authnz_external in apache2
i.e. after 3rd failed attempt to deny
currently it just pops up forever, which of course leaves it easily accessible by brute force attacks.
Time delay?
To my knowledge, there is no way to do that in Apache. Maybe with fail2ban?
With SuSEfirewall, I believe.

## Type: string
## Default:
#
# Services to allow. This is a more generic form of FW_SERVICES_XXX_{IP,UDP,TCP}
# and more specific than FW_TRUSTED_NETS
#
# Format: space separated list of net,protocol[,dport[,sport[,flags]]]
# Example: "0/0,tcp,22"
#
# Supported flags are
#   hitcount=NUMBER     : ipt_recent --hitcount parameter
#   blockseconds=NUMBER : ipt_recent --seconds parameter
#   recentname=NAME     : ipt_recent --name parameter
# Example:
#   Allow max three ssh connects per minute from the same IP address:
#   "0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"

Most people use this to limit ssh connections as per the example, but I understand you can use it for any port.

The problem, for people like me, is that the SuSEfirewall does not face outside; that's the job of the ISP router. I'm not even sure that the machine inside logs the external IP (there is NAT).

-- 
Cheers / Saludos,

Carlos E. R.
(from 42.2 x86_64 "Malachite" at Telcontar)
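The fail2ban route mentioned earlier in the thread is the same hitcount-within-a-window idea as the SuSEfirewall2 flags quoted above, applied to Apache's error_log instead of to raw TCP connects. The script below is an added example written for this page, not code from the thread, from fail2ban or from mod_authnz_external: it scans constructed sample error_log lines and flags a client IP once it has produced 3 authentication failures within 60 seconds (fail2ban's maxretry/findtime). The sample lines, the "authentication failure" wording the regex looks for, and the `ban_rule` helper are assumptions; a real jail needs a filter matching whatever your Apache version actually logs for a failed external-auth check.

```python
import re
from datetime import datetime, timedelta

# fail2ban-style parameters: ban after MAXRETRY failures within FINDTIME.
MAXRETRY = 3
FINDTIME = timedelta(seconds=60)

# Constructed sample error_log lines (not real log data). The message text after
# the [client ...] field is an assumption about what a failed auth check logs;
# adapt FAIL_RE to the exact wording your Apache / authnz module emits.
SAMPLE_LOG = """\
[Wed Aug 30 10:20:01.000000 2017] [auth_basic:error] [pid 4242] [client 203.0.113.5:51000] AH01617: user alice: authentication failure for "/secure/": Password Mismatch
[Wed Aug 30 10:20:07.000000 2017] [auth_basic:error] [pid 4242] [client 203.0.113.5:51001] AH01617: user alice: authentication failure for "/secure/": Password Mismatch
[Wed Aug 30 10:20:09.000000 2017] [auth_basic:error] [pid 4243] [client 198.51.100.7:40000] AH01617: user bob: authentication failure for "/secure/": Password Mismatch
[Wed Aug 30 10:20:15.000000 2017] [auth_basic:error] [pid 4242] [client 203.0.113.5:51002] AH01617: user alice: authentication failure for "/secure/": Password Mismatch
[Wed Aug 30 10:22:30.000000 2017] [auth_basic:error] [pid 4243] [client 198.51.100.7:40001] AH01617: user bob: authentication failure for "/secure/": Password Mismatch
[Wed Aug 30 10:23:10.000000 2017] [auth_basic:error] [pid 4243] [client 198.51.100.7:40002] AH01617: user bob: authentication failure for "/secure/": Password Mismatch
[Wed Aug 30 10:23:20.000000 2017] [core:info] [pid 4244] [client 192.0.2.9:33000] AH00128: File does not exist: /srv/www/htdocs/favicon.ico
"""

# Apache 2.4 error_log layout: [timestamp] [module:level] [pid N] [client IP:PORT] message.
# \S+ is greedy, so an IPv6 client "2001:db8::1:51000" still splits at the last colon.
FAIL_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[\w+:error\] \[pid \d+\] "
    r"\[client (?P<ip>\S+):\d+\] .*authentication failure"
)
TS_FORMAT = "%a %b %d %H:%M:%S.%f %Y"


def parse_failures(log_text):
    """Yield (timestamp, client_ip) for every line that records an auth failure."""
    for line in log_text.splitlines():
        m = FAIL_RE.match(line)
        if not m:
            continue  # info-level noise or a line format we do not parse
        yield datetime.strptime(m.group("ts"), TS_FORMAT), m.group("ip")


def find_offenders(log_text, maxretry=MAXRETRY, findtime=FINDTIME):
    """Return {ip: time_of_the_failure_that_triggered_the_ban}.

    Sliding window per IP, as fail2ban does: only failures newer than
    findtime count, so slow attempts spread over minutes never add up.
    The log is assumed to be in chronological order.
    """
    recent = {}   # ip -> list of failure timestamps still inside the window
    banned = {}
    for ts, ip in parse_failures(log_text):
        if ip in banned:
            continue
        window = [t for t in recent.get(ip, []) if ts - t <= findtime]
        window.append(ts)
        recent[ip] = window
        if len(window) >= maxretry:
            banned[ip] = ts
    return banned


def ban_rule(ip, port=80):
    """Hypothetical ban action: the iptables command a jail could run for one IP
    (fail2ban's stock action uses its own chain; this is the one-line equivalent)."""
    return ["iptables", "-I", "INPUT", "-s", ip, "-p", "tcp", "--dport", str(port), "-j", "DROP"]


if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"{ip}: {MAXRETRY} failures within {FINDTIME.seconds}s, last at {when}")
        print("  would run:", " ".join(ban_rule(ip)))
```

On the sample data only 203.0.113.5 trips the rule (three failures in 14 seconds); 198.51.100.7 also fails three times but spread over three minutes, so its window never holds more than two entries. On the NAT point raised above: a router that port-forwards to the inside machine rewrites only the destination address, so Apache's [client ...] field still carries the real external IP and a log-based jail can act on it.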