Subsonic has an undocumented feature where if you have basic HTTP authentication that uses the same credentials as the subsonic user, it effectively replaces the built in authentication.
I prefer using this with Subsonic since it makes it easy to hook into fail2ban to prevent brute force attacks. DSub has support for this, see https://github.com/memen45/SubMusic/issues/46 for some additional details where support for it was added to a Subsonic app for Garmin watches.
I was searching around and didn't see any mention of basic HTTP authentication for gonic. Is that something that could be supported? How are others preventing brute force logic attacks against their gonic servers?
Subsonic has an undocumented feature where if you have basic HTTP authentication that uses the same credentials as the subsonic user, it effectively replaces the built in authentication.
I prefer using this with Subsonic since it makes it easy to hook into fail2ban to prevent brute force attacks. DSub has support for this, see https://github.com/memen45/SubMusic/issues/46 for some additional details where support for it was added to a Subsonic app for Garmin watches.
I was searching around and didn't see any mention of basic HTTP authentication for gonic. Is that something that could be supported? How are others preventing brute force logic attacks against their gonic servers?