[pmwiki-users] making brute force attacks more difficult #2
Ian Barton
lists at manor-farm.org
Tue Aug 21 09:32:59 CDT 2007
> May I suggest you to make a recipe with this code and publish it in
> the cookbook ? I am pretty sure there would be a lot of interest for
> it, and we would get more comments/suggestions and reports.
>
> Anyway, I will try this very soon on my own as my logs keep showing
> automated login attempts and I definitely want to stop them.
>
For *nix style servers there is already a solution called fail2ban. From
the READDME:
Fail2Ban scans log files like /var/log/pwdfail and bans IP
that makes too many password failures. It updates firewall
rules to reject the IP address. These rules can be defined by
the user. Fail2Ban can read multiple log files such as sshd
or Apache web server ones.
It's not a pmwiki based solution, but I use it on my own server and it's
very effective.
Ian.
More information about the pmwiki-users
mailing list