dullage / flatnotes

A self-hosted, database-less note taking web app that utilises a flat folder of markdown files for storage.
MIT License
1.5k stars 87 forks

Access Security #257

Closed MarcS1975 closed 2 weeks ago

MarcS1975 commented 3 weeks ago

Is it possible to add fail2ban to the docker stack? It would reduce the risk of brute force attacks, since most people have their notes exposed publicly. Or are there any other security features already built into flatnotes to protect from attacks? Many thanks for your consideration.

dullage commented 2 weeks ago

Hey @MarcS1975. I've no plans to add fail2ban to the container but there are some things that can be done.

Firstly, if you have flatnotes in front of a reverse proxy like nginx then you should be able to use fail2ban with nginx's logs for protection.

With the right config, you may also be able to set up fail2ban to parse the logs from the flatnotes container. This is beyond my knowledge of fail2ban though.

Lastly, in terms of other brute force protections, you could enable 2FA in flatnotes.

I hope this helps.
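
As an added illustration of the reverse-proxy suggestion above (not part of the thread, and not flatnotes or fail2ban project code), this Python script checks a fail2ban-style `failregex` against constructed nginx access-log lines and applies a `maxretry`/`findtime` window to show which clients would reach the ban threshold. The login path is a placeholder, and the 401 status and threshold values are assumptions to confirm against your own access log.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: a failed login appears in nginx's "combined" access log as a
# 401 response to a POST on the login path. LOGIN_PATH is a placeholder.
LOGIN_PATH = "/login-path-placeholder"
# Written in fail2ban's failregex style; <HOST> marks the client address.
FAILREGEX = (r'^<HOST> \S+ \S+ \[[^\]]+\] "POST '
             + re.escape(LOGIN_PATH) + r'[^"]*" 401 ')
MAXRETRY = 3                         # assumed: failures allowed in FINDTIME
FINDTIME = timedelta(minutes=10)     # assumed window

LINE_RE = re.compile(FAILREGEX.replace("<HOST>", r"(?P<host>[0-9A-Fa-f:.]+)"))
TIME_RE = re.compile(r"\[([^\]]+)\]")

def would_ban(lines, maxretry=MAXRETRY, findtime=FINDTIME):
    """Return hosts with at least maxretry matching lines inside findtime."""
    recent = defaultdict(deque)      # host -> timestamps of recent failures
    banned = set()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                 # successful logins and other requests
        stamp = TIME_RE.search(line).group(1)
        ts = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        window = recent[m["host"]]
        window.append(ts)
        while ts - window[0] > findtime:
            window.popleft()         # forget failures older than findtime
        if len(window) >= maxretry:
            banned.add(m["host"])
    return banned

def _line(host, hhmm, method, path, status):
    return (f'{host} - - [29/Oct/2024:{hhmm}:00 +0000] '
            f'"{method} {path} HTTP/1.1" {status} 42 "-" "curl/8.0"')

# Constructed sample log using documentation-range addresses.
SAMPLE = [
    _line("192.0.2.50", "20:00", "POST", LOGIN_PATH, 401),    # slow retries
    _line("192.0.2.50", "20:20", "POST", LOGIN_PATH, 401),
    _line("192.0.2.50", "20:40", "POST", LOGIN_PATH, 401),
    _line("203.0.113.7", "21:00", "POST", LOGIN_PATH, 401),   # rapid retries
    _line("198.51.100.4", "21:01", "POST", LOGIN_PATH, 401),  # one mistake
    _line("203.0.113.7", "21:02", "POST", LOGIN_PATH, 401),
    _line("198.51.100.4", "21:02", "POST", LOGIN_PATH, 200),  # then success
    _line("203.0.113.7", "21:03", "POST", LOGIN_PATH, 401),   # third failure
    _line("192.0.2.9", "21:04", "GET", "/other", 401),        # not a login
]

if __name__ == "__main__":
    print(sorted(would_ban(SAMPLE)))
```

The slow client in the sample never reaches the threshold because its failures fall outside one `findtime` window, which is where the 2FA suggestion in the comment above complements rate-based banning.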

MarcS1975 commented 2 weeks ago

Hi. Thanks for those tips. I will look into the reverse proxy fail2ban option. Didn’t know that can be done. Thanks!

On Tue, 29 Oct 2024 at 21:18, Adam Dullage wrote:

> Hey @MarcS1975. I've no plans to add fail2ban to the container but there are some things that can be done.
>
> Firstly, if you have flatnotes in front of a reverse proxy like nginx then you should be able to use fail2ban with nginx's logs for protection.
>
> With the right config, you may also be able to set up fail2ban to parse the logs from the flatnotes container. This is beyond my knowledge of fail2ban though.
>
> Lastly, in terms of other brute force protections, you could enable 2FA in flatnotes.
>
> I hope this helps.
