JMLX42
commented
8 years ago A possible solution for the blacklist would be to have a custom fail2ban action that would call a new /api/scripts/blacklist-ip.js script.
Open JMLX42 opened 8 years ago
JMLX42
commented
8 years ago A possible solution for the blacklist would be to have a custom fail2ban action that would call a new /api/scripts/blacklist-ip.js script.
The CMS makes it easy to add/remove whitelisted/blacklisted IPs. The blacklist/whitelist are managed through iptables. Other apps, such as fail2ban, will also interact with iptables.
We must make sure that the CMS is always up to date with the iptables rules. We must also make sure that
/etc/fail2ban/jail.conf(especiallyignoreipis always up to date with the CMS content).