Basic authentication - maximum allowed attempts
Posted: Monday 28 March 2016 15:17
I've set up a reverse proxy in my DMZ to be able to access my (internal) Domoticz instance from anywhere, securely over TLS. This appears to be working great. I've set up basic authentication (within Domoticz settings) with a long password to secure the access to the actual content.
As security is a large issue, my primary concern now is that a brute force attack on the password on my Domoticz instance is (1) not detected by me, and that (2) no preventive measures are taken to block/slow down the brute force attack.
So my first question is, can something like this (http://stackoverflow.com/questions/3539 ... rial-times) be implemented? Ideally with a 'block offending IP address for x hours' feature, and preferably as an option to turn the option on or off, as some people don't need this.
The second question would be: is it possible to send a notification email when a brute force attack is detected?
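One way to get the detection and the 'block for x hours' behaviour asked about above, as an added example that is not part of the original post or of Domoticz: a script that counts 401 responses per client IP in the reverse proxy's access log. The common log format, the thresholds and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy (not from the post): 5 failed logins in 10 minutes => 4 hour block.
MAX_FAILURES = 5
WINDOW = timedelta(minutes=10)
BLOCK_FOR = timedelta(hours=4)

# Common log format prefix: client IP, ident, user, [time], "request", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')

def parse(line):
    """Return (ip, timestamp, status), or None for a line that does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), ts, int(m.group(3))

def detect(lines):
    """Scan lines in time order; return ({ip: blocked_until}, [alert text])."""
    failures = defaultdict(deque)  # ip -> timestamps of 401s inside the window
    blocked, alerts = {}, []
    for line in lines:
        rec = parse(line)
        if rec is None or rec[2] != 401:
            continue
        ip, ts, _ = rec
        if ip in blocked and ts < blocked[ip]:
            continue  # block still active; the proxy would be rejecting this IP
        q = failures[ip]
        q.append(ts)
        while ts - q[0] > WINDOW:  # drop failures older than the window
            q.popleft()
        if len(q) >= MAX_FAILURES:
            blocked[ip] = ts + BLOCK_FOR
            alerts.append(f"{ip}: {len(q)} failed logins, blocked until {blocked[ip].isoformat()}")
            q.clear()
    return blocked, alerts

# Constructed sample: six failures from one address, one mistyped password from another.
SAMPLE = [f'203.0.113.7 - - [28/Mar/2016:15:00:{s:02d} +0200] "GET / HTTP/1.1" 401 381'
          for s in (1, 3, 5, 7, 9, 11)] + [
    '198.51.100.20 - - [28/Mar/2016:15:01:00 +0200] "GET / HTTP/1.1" 401 381',
    '198.51.100.20 - bob [28/Mar/2016:15:01:02 +0200] "GET / HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for alert in detect(SAMPLE)[1]:
        print(alert)  # hand this text to a mailer for the notification
```

The counting has to run on the client address as the proxy sees it, because a backend behind a reverse proxy only sees the proxy's own IP unless it is given the forwarded client address.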