Fail2ban configuration

Xeoma Software

Moderators: Admin_N, Administrator, Admin_P, Admin_K

Fail2ban configuration

Postby Thomsus » Wed Oct 10, 2018 8:15 am

Hi, in order to secure the xeoma web site, beyond the passwords required, I would like to configure fail2ban (for Linux hosts). This will stop dictionary attacks etc. So, does anybody knows how to configure fail2ban for this?
Thomsus
 
Posts: 9
Joined: Tue Aug 21, 2018 8:36 pm

Re: Fail2ban configuration

Postby Admin_P » Wed Oct 10, 2018 9:48 am

Hello! I believe Fail2Ban works in combination with Apache, which can be used with Xeoma's Web Server too (here is an article on that). So, by employing Apache, you should be able to use Fail2Ban as well.
Admin_P
 
Posts: 245
Joined: Wed Aug 24, 2016 1:49 pm

Re: Fail2ban configuration

Postby skylord123 » Mon Nov 12, 2018 7:54 pm

Configuring fail2ban is pretty trivial.

I had a forum post a while ago asking a similar question but more along the lines of where the log file was and what format it uses. If you find that post you can see how log messages are stored so you can build the filter.

I just haven't bothered yet because all my passwords are 32+ characters.
skylord123
 
Posts: 32
Joined: Fri Jun 02, 2017 5:18 pm

Re: Fail2ban configuration

Postby Thomsus » Wed Nov 28, 2018 7:19 am

I have setup a reverse proxy for pre-authentication of http requests to Xeoma. I used Apache for a similar task a year ago, but NGINX this time. They are quite similar in reverse proxy matters.

It works partially; I get prompted for authentication on the reverse proxy. Once authenticated I successfully see the Xeoma web site where I enter username and password. Then things stop :-(
I see Xeoma puts the username and password in the URL, making a http redirection somehow, and then it gets back to the login web site. So, I once again get prompted for username and password. I can repeat this over and over. So, it seems like the Xeoma URL redirection is incompatible with reverse proxy.

Felenasoft: If you contact me by mail, I can setup a user account for you, for quick testing, if you like.
Thomsus
 
Posts: 9
Joined: Tue Aug 21, 2018 8:36 pm

Re: Fail2ban configuration

Postby Admin_P » Fri Dec 07, 2018 10:23 am

Hello, Thomsus! There is a known issue with some of the pages of the Web Server not being displayed, when proxy is utilized. We are working on fixing that.
Admin_P
 
Posts: 245
Joined: Wed Aug 24, 2016 1:49 pm


Return to Xeoma - General discussion

Who is online

Users browsing this forum: Google [Bot] and 15 guests

cron