If this container is public facing it would be a good idea to have fail2ban configured to block brute force and password spray attacks.
It should be possible to add a fail2ban container to docker-compose.yml and mount the novnc logs from the tor-browser container. Not sure yet what would be the best way to ban IPs. I use CloudFlare as a proxy and they have a fail2ban action to block it at their frontend, but most people using this would probably need a local block action. I'll do some research and find a universal solution.
If this container is public facing it would be a good idea to have fail2ban configured to block brute force and password spray attacks.
It should be possible to add a fail2ban container to
docker-compose.yml
and mount the novnc logs from the tor-browser container. Not sure yet what would be the best way to ban IPs. I use CloudFlare as a proxy and they have a fail2ban action to block it at their frontend, but most people using this would probably need a local block action. I'll do some research and find a universal solution.