19 Jul
2017
19 Jul
'17
1:38 p.m.
Hi Joseph,
On 07/18/2017 11:10 PM, Joseph Tam wrote:
However, it seems almost all IPs are different, and I don't think I can keep the above settings permanently.
Why not? Limited by firewall rules overload? You could probably use a persistent DB, can't you? I meant: keep the "block after the first failed attempt" setting. People need the chance to change their password, so I have increased it to two.
You can also use a third party RBL that specialized in brute forcers like blocklist.de. You can also feed back fail2ban data and crowdsource BFD data to them. Yes, I will look into that now.
Thanks!