Hey, we @crowdsecurity also would like to add log parser / scenario support. The remediation, however, would purely up to you if you would like to implement we do have golang libraries if not user can use the firewall remediation but would not be effective if they use something like CF.

from zoraxy.

Hi @tobychui , thanks for your reply , but i will tell you why this important
when we enable basic authentication to protect an backend servers , if someone tried brute force attack to get password
we can block it using fail2ban , what do you think ?

from zoraxy.

yes totally agreed we need to integrate with fail2ban

from zoraxy.

Hi @ahmedabokandil, I am just wondering, why you need fail2ban in the first place?
It doesn't seems like it can stop DDOS, or improve security in web serving.
If you need further security features regarding access to the management panel (e.g. 2FA or password-less login), you should be using another business grade reverse proxy before Zoraxy for managing authentication to the management panel.

from zoraxy.

@ahmedabokandil thanks for your explanation.
Fail2ban is an existing project that would alter the firewall rules of the host OS, which is way out of the scope of Zoraxy (as a reverse proxy server). Integrating another huge project into Zoraxy just doesn't make sense on its own.

But if what you mean is something like a maximum retry per preset time period (and the IP get banned if over that retry counts) in the basic auth mechanism, I think it is a valid enhancement request.

from zoraxy.

@tobychui
thanks for reply , totally agree , its very great idea to get dynamic ip banned if over retry counts

But if what you mean is something like a maximum retry per preset time period (and the IP get banned if over that retry counts) in the basic auth mechanism, I think it is a valid enhancement request

from zoraxy.

YEs great feature is implemented Crowdsec ;)

from zoraxy.

Support for crowdsec would be nice.

from zoraxy.