I've set up a reverse proxy in my DMZ to be able to access my (internal) Domoticz instance from anywhere, securely over TLS. This appears to be working great. I've set up basic authentication (within Domoticz settings) with a long password to secure the access to the actual content.
As security is a large issue, my primary concern now is that a brute force attack on the password on my Domoticz instance is (1) not detected by me, and that (2) no preventive measures are taken to block/slow down the brute force attack.
So my first question is, can something like this (http://stackoverflow.com/questions/3539 ... rial-times) be implemented? Ideally with a 'block offending IP address for x hours' feature, and preferably as an option to turn the option on or off, as some people don't need this.
The second question would be: is it possible to send a notification email when a brute force attack is detected?
Basic authentication - maximum allowed attempts
Domoticz on Raspberry Pi2 with a RazBerry (V1.0), RFXcom USB, Greenwave (NUON) smart plug 6 & single smart plugs, Fibaro door/window sensors, Cresta temp sensors (433mhz), Z-wave.me wall controller/switch, Z-wave.me dimmer, KaKu ACM3500 etc
- gizmocuz
Re: Basic authentication - maximum allowed attempts
You can install fail2ban
Quality outlives Quantity!
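What fail2ban-style blocking amounts to, as an added example (not part of the original thread, and not Domoticz or fail2ban code): count HTTP 401 responses per client IP in the reverse proxy's access log and ban an IP for a fixed time once it reaches a threshold within a time window. It assumes the proxy writes nginx/Apache combined-format lines; the thresholds, function names and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: the reverse proxy logs in nginx/Apache "combined" format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" (?P<status>\d{3}) ')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"
MAX_FAILURES = 5                      # illustrative threshold
FIND_WINDOW = timedelta(minutes=10)   # failures must fall inside this window
BAN_TIME = timedelta(hours=4)         # "block offending IP address for x hours"


def detect_bans(lines, max_failures=MAX_FAILURES, window=FIND_WINDOW,
                ban_time=BAN_TIME):
    """Return [(ip, banned_at, banned_until)] for IPs that reach the limit."""
    failures = defaultdict(deque)   # ip -> timestamps of recent 401 responses
    banned_until = {}               # ip -> end of the current ban
    bans = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                # skip lines that do not parse
        ip, ts = m["ip"], datetime.strptime(m["ts"], TS_FORMAT)
        if ip in banned_until and ts < banned_until[ip]:
            continue                # already banned; a firewall would drop this
        if m["status"] != "401":
            continue                # only failed authentication counts
        recent = failures[ip]
        recent.append(ts)
        while ts - recent[0] > window:
            recent.popleft()        # forget failures older than the window
        if len(recent) >= max_failures:
            banned_until[ip] = ts + ban_time
            bans.append((ip, ts, banned_until[ip]))  # notification hook goes here
            recent.clear()
    return bans


def sample_log():
    """Constructed sample lines (documentation IP ranges), not real traffic."""
    fmt = '{ip} - {u} [12/Oct/2015:{t} +0000] "GET / HTTP/1.1" {st} 0 "-" "-"'
    ip = "203.0.113.7"
    lines = [fmt.format(ip=ip, u="-", t=f"20:00:{s:02d}", st=401)
             for s in range(0, 50, 10)]                          # 5 failures
    lines.append(fmt.format(ip=ip, u="-", t="20:01:00", st=401))  # during ban
    lines.append(fmt.format(ip="198.51.100.20", u="-", t="20:02:00", st=401))
    lines.append(fmt.format(ip="198.51.100.20", u="admin", t="20:02:05", st=200))
    return lines
```

With Basic authentication a browser's first request normally carries no credentials and is answered with a 401 challenge, so the threshold has to leave room for that one expected failure per session.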
Re: Basic authentication - maximum allowed attempts
I know, and I will. It would be great if that was not necessary, and Domoticz could detect that and react by itself, instead of screwing around with fail2ban. Normal users will never get that working.
Domoticz on Raspberry Pi2 with a RazBerry (V1.0), RFXcom USB, Greenwave (NUON) smart plug 6 & single smart plugs, Fibaro door/window sensors, Cresta temp sensors (433mhz), Z-wave.me wall controller/switch, Z-wave.me dimmer, KaKu ACM3500 etc
Re: Basic authentication - maximum allowed attempts
I have taken another route. I have an L2TP IPSec VPN set up on every device that needs to access Domoticz, including my phone. It proves to be an efficient solution.
Debian buster on NUC and three RPi with buster.