Fail2ban is a tool that inspects log files and dynamically updates ufw to temporarily block mischief-makers. It has a number of plugins; I've enabled ones for ssh, mysql and nginx. Unfortunately, Openboxes responds to login failures with a 302 redirect instead of a 403, which I think is what fail2ban looks for by default. I've added comments to the config file to that effect.
That being said, these changes should still protect ssh and mysql from a particular flavor of bad actor.
Fail2ban is a tool that inspects log files and dynamically updates
ufw
to temporarily block mischief-makers. It has a number of plugins; I've enabled ones forssh
,mysql
andnginx
. Unfortunately, Openboxes responds to login failures with a 302 redirect instead of a 403, which I think is what fail2ban looks for by default. I've added comments to the config file to that effect.That being said, these changes should still protect ssh and mysql from a particular flavor of bad actor.