Am 29.07.2017 um 20:29 schrieb mj:
Hi Doug,
On 07/29/2017 07:44 PM, Doug Barton wrote:
Instead, take a look at the fail2ban scenarios in this thread, which solve the actual problem with a precision tool, instead of a hammer.
I have implemented (most of) those as well, and additionally choose to also block certain countries. It helps tremendously.
MJ
You can only use strict geoip blocking as long as your users do not travel so this is not a solution in most cases.
But you can use geoip in an "anomal filter" which compares more informations i.e a user is recent logged in germany so normally he dont want to be logged in from china at the same time, additional count bad logins using some magic formula and he will blocked auto etc, this will prevent hacking and abuse accounts too.
Best Regards MfG Robert Schetterer
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG, 80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein