[TYPO3-english] Preventing brute-force attacks in FE login form
RDE Wiesbaden
gr2 at ipw.net
Tue Jan 24 15:58:47 CET 2012
Oliver Salzburg schrieb:
>
> If your setup allows it, you could utilize fail2ban for this.
> There are several examples of this online. One would be this:
> http://www.illutzmination.de/typo3-fail2ban.html?&L=1
Hi Oliver
this fail2ban hint is partially outdated, the mass of root logins are comming
from hundreds or thousands of ip-numbers within minutes within one hour.
the chinese and the russians are using server farms around the world
as we found out. fail2ban did not (cannot !!) recognize that
and they run 2 minutes spikes and 10 minutes pause
currently they are tricking out our protection.
we are searching for an update too.
--
best regards
Gert Redlich
More information about the TYPO3-english
mailing list