[SOLVED] Prevent bruteforce on webgui

[xcooling]

Due to proxmox developers not implementing bruteforce protection on the webgui, how are you protecting your webgui from attack ?

Prevent Brute-forcing of logins for Proxmox 2 +
guide is here: http://extremeshok.com/blog/?page_id=810

 

[e100]

We put the web GUI on a private network and use openvpn to access that network.

 

[cle.ram]

Why don't you use fail2ban? there is already a thread for getting started here (you have to adapt it for 2.x, though)

 

[xcooling]

The webgui does NOT log failed login attempts to /var/log/apache2/access.log , this is why fail2ban does not work on proxmox2.

how are you protecting your webgui from attack ?

 

[TheReelaatiiv]

This is how i do it:
http://forum.proxmox.com/threads/3583-How-To-implement-Fail2Ban-on-Host?p=56296#post56296

 

[xcooling]

Prevent Brute-forcing of logins for Proxmox 2 +
guide is here: http://extremeshok.com/blog/?page_id=810

 

[liane]

very useful, thanks a lot.

I'd just suggest you put the fail2ban config in jail.local (you might have to create this file) instead of jail.conf, to avoid potential problems when you'll update fail2ban

 

[xcooling]

good suggestion, guide has been updated