Zimbra Forums

Zimbra Collaboration & Zimbra Desktop Forums
https://forums.zimbra.org/

Blocking of IP addresses trying to login

https://forums.zimbra.org/viewtopic.php?f=15&t=66071

Page 1 of 1

Blocking of IP addresses trying to login

Posted: Fri Apr 26, 2019 7:59 pm
by mfehr
I regularly face situations where some accounts change into a lockout mode due to external servers trying to login guessing passwords. While the lockout prevents the attacker to run many password attempts, the affected user is frustrated as he is not able to login anymore until his account is unlocked again.

Is there a way to identify and block the IP address where the failed attempts are coming from as well as raise an alert via mail and clear identification in a log file?

What is best practice to block repeated failed logins?

Re: Blocking of IP addresses trying to login

Posted: Sat Apr 27, 2019 11:25 am
by phoenix
How about searching the forums and wiki on how to configure fail2ban to achieve a solution?

Re: Blocking of IP addresses trying to login

Posted: Fri May 03, 2019 5:27 pm
by mfehr
Great hint. Fail2ban looks very promising. I'll give it a try.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/