Comments (8)
Hey, we @crowdsecurity also would like to add log parser / scenario support. The remediation, however, would purely up to you if you would like to implement we do have golang libraries if not user can use the firewall remediation but would not be effective if they use something like CF.
from zoraxy.
Hi @tobychui , thanks for your reply , but i will tell you why this important
when we enable basic authentication to protect an backend servers , if someone tried brute force attack to get password
we can block it using fail2ban , what do you think ?
from zoraxy.
yes totally agreed we need to integrate with fail2ban
from zoraxy.
Hi @ahmedabokandil, I am just wondering, why you need fail2ban in the first place?
It doesn't seems like it can stop DDOS, or improve security in web serving.
If you need further security features regarding access to the management panel (e.g. 2FA or password-less login), you should be using another business grade reverse proxy before Zoraxy for managing authentication to the management panel.
from zoraxy.
@ahmedabokandil thanks for your explanation.
Fail2ban is an existing project that would alter the firewall rules of the host OS, which is way out of the scope of Zoraxy (as a reverse proxy server). Integrating another huge project into Zoraxy just doesn't make sense on its own.
But if what you mean is something like a maximum retry per preset time period (and the IP get banned if over that retry counts) in the basic auth mechanism, I think it is a valid enhancement request.
from zoraxy.
@tobychui
thanks for reply , totally agree , its very great idea to get dynamic ip banned if over retry counts
But if what you mean is something like a maximum retry per preset time period (and the IP get banned if over that retry counts) in the basic auth mechanism, I think it is a valid enhancement request
from zoraxy.
YEs great feature is implemented Crowdsec ;)
from zoraxy.
Support for crowdsec would be nice.
from zoraxy.
Related Issues (20)
- [HOW-TO] How do I add url rewrite directives HOT 2
- [BUG] SMTP login options HOT 2
- [BUG] New Access Control feature returns error on Default rule HOT 9
- [ENHANCEMENTS]Show LAN IP as "LAN" and not some other countries HOT 5
- [ENHANCEMENTS] Forward Auth HOT 2
- [BUG] Statistics are not saved, starting from zero after restart of the docker image HOT 6
- [BUG] Uses docker network instead of real network for Whitelist HOT 8
- [ENHANCEMENTS] Zrok support (similar to ZeroTier, FOSS) HOT 2
- [ENHANCEMENTS] Promox Support? HOT 1
- [BUG] Proxy rules requiring TLS don't connect after 3.0.3 HOT 6
- [BUG] Zoraxy redirects to HTTPS and fails to load HOT 2
- [BUG] High cpu usage on big file download HOT 5
- [QUESTION] Performance HOT 3
- [ENHANCEMENTS] UDP Tunneling / Proxy HOT 3
- Start automatically after boot HOT 4
- [BUG] Downstream proxy server is online with misconfigured settings
- Migrating NPM to Zoraxy HOT 7
- [ENHANCEMENTS] Configure reverse proxy using docker labels HOT 8
- "Waiting for DNS record propagation." and possible split DNS issue
- Add version info to footer or even better add apt repository HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from zoraxy.