Closed JimboJoe closed 5 years ago
Could be implemented now, for example in https://github.com/YunoHost-Apps/wallabag2_ynh/pull/43
So... fixed. To be closed too? :)
No it's not fixed, as far as I know we didn't implement fail2ban rules yet.
Oups, I misunderstood. OK.
Let me know if you need testing. :+1:
As this is a app have Ldap integration, Fail2ban implementation becomes very important. This should be at priority.
Does anyone know how to setup a fail2ban rule ?
There's a helper now to it https://github.com/YunoHost/yunohost/blob/stretch-unstable/data/helpers.d/backend#L292
Only on unstable for the moment though.
Is it worth using an helper that will reach only future versions, assuming that people will update ? Then we should raise the minimum Yunohost version requirement, I guess ? Because if we don't do that, I suppose we need to implement another solution for older version, or just continue not to support fail2ban.
What do you think ? :thinking:
I'd prefer to update yunohost's version requirements (it would be simpler to implement + force people to stay up-to-date).
This help was released with Yunohost 3.5 https://github.com/YunoHost/yunohost/pull/364 https://forum.yunohost.org/t/yunohost-3-5-release-sortie-de-yunohost-3-5/7619/.
Now we can use it and raise the minimum Yunohost version to 3.5.
When Wallabag 2.3.0 gets released, this PR will enable setting a fail2ban rule to get protected against a brute-force attack.