I am a beginner at setting up servers, and I would like to add some form of protection against bots/bruteforce authentication.
-
Does anyone have a fail2ban config for the kanboard error logs that they don’t mind sharing? I have been trying to set it up but the regex stumps me.
-
Is there a way to display captcha/lockouts for incorrect USERNAME bruteforces? Right now, Kanboard only tracks the max-retry value for each USERNAME, but does not protect against bruteforces searches of USERNAMES. Similar question to #3642. I have tried looking through the codebase under
AuthValidator.php,AuthController.phpandAuthSubscriber.phpbut I dont see an easy way to track the number of retries.