[ENHANCEMENTS] Fail2ban features

Open burjuyz opened this issue 2 years ago • 31 comments

Please consider adding fail2ban for security reasons. For example, you could check the SWAG solution.

burjuyz avatar Jun 15 '23 10:06 burjuyz

Yes, totally agreed, we need to integrate with fail2ban.

ahmedabokandil avatar Sep 03 '23 07:09 ahmedabokandil

Hi @ahmedabokandil, I am just wondering, why do you need fail2ban in the first place? It doesn't seem like it can stop DDoS or improve security in web serving. If you need further security features regarding access to the management panel (e.g. 2FA or password-less login), you should be using another business-grade reverse proxy before Zoraxy for managing authentication to the management panel.

tobychui avatar Sep 03 '23 08:09 tobychui

Hi @tobychui, thanks for your reply, but I will tell you why this is important: when we enable basic authentication to protect backend servers, if someone tries a brute force attack to get the password, we can block it using fail2ban. What do you think?

ahmedabokandil avatar Sep 03 '23 09:09 ahmedabokandil

@ahmedabokandil thanks for your explanation. Fail2ban is an existing project that would alter the firewall rules of the host OS, which is way out of the scope of Zoraxy (as a reverse proxy server). Integrating another huge project into Zoraxy just doesn't make sense on its own.

But if what you mean is something like a maximum retry per preset time period (and the IP gets banned if over that retry count) in the basic auth mechanism, I think it is a valid enhancement request.

tobychui avatar Sep 03 '23 09:09 tobychui
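
The retry limit described in the comment above, as an added example that is not part of the original thread and not Zoraxy's own code: failed basic-auth attempts are counted per IP in a sliding window, and reaching the limit bans the IP for a fixed period. `Limiter`, `NewLimiter`, `Banned`, `Fail` and the sample address are hypothetical names and values.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// Limiter bans an IP after maxFails failed basic-auth attempts inside window.
// Hypothetical type for illustration; not Zoraxy's actual API.
type Limiter struct {
	mu             sync.Mutex
	maxFails       int
	window, banFor time.Duration
	fails          map[string][]time.Time // IP -> recent failure times
	banned         map[string]time.Time   // IP -> ban expiry
}

func NewLimiter(maxFails int, window, banFor time.Duration) *Limiter {
	return &Limiter{maxFails: maxFails, window: window, banFor: banFor,
		fails: map[string][]time.Time{}, banned: map[string]time.Time{}}
}

// Banned reports whether ip is still inside its ban period at time now.
func (l *Limiter) Banned(ip string, now time.Time) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	return now.Before(l.banned[ip])
}

// Fail records one failed login and reports whether ip is now banned.
func (l *Limiter) Fail(ip string, now time.Time) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	f := append(l.fails[ip], now)
	for len(f) > 1 && now.Sub(f[0]) >= l.window { // drop failures older than window
		f = f[1:]
	}
	if len(f) >= l.maxFails {
		l.banned[ip], f = now.Add(l.banFor), nil
	}
	l.fails[ip] = f
	return now.Before(l.banned[ip])
}

func main() { // constructed demo: prints "false false true"
	l, t, ip := NewLimiter(3, time.Minute, 10*time.Minute), time.Now(), "203.0.113.7"
	fmt.Println(l.Fail(ip, t), l.Fail(ip, t), l.Fail(ip, t))
}
```

Call `Banned` before evaluating credentials and `Fail` after each rejected login. Behind a CDN such as Cloudflare, the key has to be the forwarded client address taken from a trusted header, otherwise every visitor shares one counter.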

@tobychui thanks for the reply, totally agree, it's a great idea to get the IP dynamically banned if over the retry count.

But if what you mean is something like a maximum retry per preset time period (and the IP gets banned if over that retry count) in the basic auth mechanism, I think it is a valid enhancement request.

ahmedabokandil avatar Sep 03 '23 09:09 ahmedabokandil

Hey, we at @crowdsecurity would also like to add log parser / scenario support. The remediation, however, would be purely up to you: if you would like to implement it, we do have Golang libraries; if not, users can use the firewall remediation, but that would not be effective if they use something like CF.

LaurenceJJones avatar Sep 08 '23 12:09 LaurenceJJones

Yes, a great feature would be implementing Crowdsec ;)

barto95100 avatar Nov 16 '23 11:11 barto95100

Support for crowdsec would be nice.

Aerics84 avatar May 05 '24 13:05 Aerics84

I just migrated from NPM to Zoraxy, as now we can have ACL per subdomain, and it's awesome.

I agree on crowdsec, it would be so useful.

Thanks again for that amazing project!

Valdun avatar Jun 11 '24 14:06 Valdun

@ahmedabokandil thanks for your explanation. Fail2ban is an existing project that would alter the firewall rules of the host OS, which is way out of the scope of Zoraxy (as a reverse proxy server). Integrating another huge project into Zoraxy just doesn't make sense on its own.

But if what you mean is something like a maximum retry per preset time period (and the IP gets banned if over that retry count) in the basic auth mechanism, I think it is a valid enhancement request.

I need this feature now after my server got a GACOR site :( My password access control has been pwned.

mbah-dukun avatar Oct 19 '24 02:10 mbah-dukun