Hi Joseph,
On 07/18/2017 11:10 PM, Joseph Tam wrote:
However, it seems almost all IPs are different, and I don't think I can
keep the above settings permanently.
Why not? Limited by firewall rules overload? You could probably use
a persistent DB, can't you?
I meant: keep the "block after the first failed attempt" setting. People
need the chance to change their password, so I have increased it to two.
You can also use a third party RBL that specialized in brute forcers like
blocklist.de. You can also feed back fail2ban data and crowdsource BFD
data to them.
Yes, I will look into that now.
Thanks!
