Here we're on 24.05, with no issue.  But I use drastic measures, an array of them accumulated over years.

First of all: there are many $$ services that do the job very well, and would make sense for individual entities.  For service providers like us, that could become expensive.

Many hacks with *MaxMindDB* to redirect all non-Canadian traffic targeting our city (public) libraries.  But for institutions (universities, hospitals) wanting to stay open to the world, I analyse all IPs in /var/log/apache2/other_vhosts_access.log and group the IPs by /16 and /24 to catch all the spreaders (1 call from each of 255 different IPs, for example) and block them automatically with *ufw*.

And very important for a small company like us, not specialized in security: _I do not care about collateral damage_.  If something needs to be unblocked, I create a new rule manually with ufw.

Part proactive (allowing only CA, or automatically redirecting CN, RU, etc.), part reactive (waiting for enough calls to come in, and batch-blocking at midnight).  Whatever gets through doesn't impact performance, and that's all that matters to us in the end.


inLibro <https://inLibro.com>        Philippe Blouin
Director of Technology

T 833-INLIBRO (465-4276) <tel:833-465-4276>, ext. 230
C philippe.blo...@inlibro.com

www.inLibro.com <https://inLibro.com>

On 2025-03-18 09:07, Magnus Enger wrote:
Kia ora!

On 18.03.2025 13:59, Fairlamb, Christina wrote:
Hello,

Koha 24.11.01

Not strictly a Koha problem but something I know a lot of Koha users face.
After years of running happily with fail2ban and robots.txt blocking
bots/crawlers, the security seems to have passed. We've been getting more
and more bots of late switching IPs before bans can take place, perhaps
they could be DDoS, either way grinding Koha to a halt. I've had to switch
OPACPublic to disable for now. I can't find much about securing a server
against these types of hits. Does anyone else running a small server have
any guidance on what could be done/the next steps? I'd ideally like to keep
the OPAC public.

Not much help, but I know this will be a topic for discussion in Marseille, in a couple of weeks. Maybe some good advice can come from that.

Best regards,
Magnus
_______________________________________________

Koha mailing list http://koha-community.org
Koha@lists.katipo.co.nz
Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha