Protection from brute force attack

What about brute force attack in Manager? Is there mechanism which protect from this type of attack? Maybe fail2ban or other tools ?

Brute force attack on what? Desktop? Server? Cloud? edition

Desktop - possible but highly unlikely as gains would be very small

Server - that the responsibility of the IT management

Cloud - AWS should be handling this

Server version.
I mean brute force attack on program, not on server. How IT management team could protect Manager from this type of attack ? Any instruction ?
I think we could use fail2ban. But I need log file with IP address with failed login. Does Manager login failed attempts?

1 Like

The log file would indeed be nice, or if there is a way we can use google reCAPTCHA on the login page, it would be a great help.

As a temporary solution I’ve connected NGINX https auth proxy which write log to my server and Fail2Ban which parse this log. In this case my users have to login twice. Firs to connect with https auth and second to log in to the Manager. It is not convenient but much more secure if you program opened to the Internet.

do you have a small how to, how to do this/set this up?

1.You need to install NGINX server for you distributive.
For Debian sudo apt-get install nginx

2.Put this configuration to the file /etc/nginx/

server {
listen 8001 ssl; # port for external user
server_name; #URL for external user
ssl on;
ssl_certificate /etc/letsencrypt/live/; #ssl cert
ssl_certificate_key /etc/letsencrypt/live/; #ssl key

ssl_session_timeout 5m;

ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers “HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES”;
ssl_prefer_server_ciphers on;

location / {
auth_basic “Restricted”; #For Basic Auth
auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth
proxy_pass; port where manager is listening on the server machine
error_page 400 497 https://$host:8001$request_uri;

3.Install fail2ban
sudo apt-get install fail2ban

4.Configure fail2ban for nginx_auth

1 Like

nice work. I like it.

Is there any guide to implement it in case of windows 10 os + apache webserver or caddy webserver that I could start reading?

Currently, I used for personal server, using openvpn to connect to my openvpn server which also host manager server software. :smiley: