security: brute force login
Hi Amogelang, I'd recommend using a general purpose tool like fail2ban for this. Here's a quick getting started guide that might help if you're using nginx: https://www.digitalocean.com/community/tutorials/how-to-protect-an-nginx-ser... -Dannon On Mon, Jan 4, 2016 at 2:13 PM, Raphenya, Amogelang <raphenar@mcmaster.ca> wrote:
Hi All,
How can I prevent brute force login attack on the login page?
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
Amogelang: Needless to say that you probably want to protect on your webserver side (nginx is expected in the example by Dannon) as opposed to the Galaxy application side. If you are really serious about this you should probably ask in a different place than here e.g. at http://security.stackexchange.com/ and research other reputable sources as our experience with this would be limited. Thanks for using Galaxy. Martin On Mon, Jan 4, 2016 at 2:16 PM Dannon Baker <dannon.baker@gmail.com> wrote:
Hi Amogelang,
I'd recommend using a general purpose tool like fail2ban for this. Here's a quick getting started guide that might help if you're using nginx: https://www.digitalocean.com/community/tutorials/how-to-protect-an-nginx-ser...
-Dannon
On Mon, Jan 4, 2016 at 2:13 PM, Raphenya, Amogelang <raphenar@mcmaster.ca> wrote:
Hi All,
How can I prevent brute force login attack on the login page?
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
If you're using apache, mod_evasive is quite popular for this purpose. On 01/04/2016 01:27 PM, Martin Čech wrote:
Amogelang:
Needless to say that you probably want to protect on your webserver side (nginx is expected in the example by Dannon) as opposed to the Galaxy application side.
If you are really serious about this you should probably ask in a different place than here e.g. at http://security.stackexchange.com/ and research other reputable sources as our experience with this would be limited.
Thanks for using Galaxy.
Martin
On Mon, Jan 4, 2016 at 2:16 PM Dannon Baker <dannon.baker@gmail.com <mailto:dannon.baker@gmail.com>> wrote:
Hi Amogelang,
I'd recommend using a general purpose tool like fail2ban for this. Here's a quick getting started guide that might help if you're using nginx: https://www.digitalocean.com/community/tutorials/how-to-protect-an-nginx-ser...
-Dannon
On Mon, Jan 4, 2016 at 2:13 PM, Raphenya, Amogelang <raphenar@mcmaster.ca <mailto:raphenar@mcmaster.ca>> wrote:
Hi All,
How can I prevent brute force login attack on the login page?
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
-- Eric Rasche Programmer II Center for Phage Technology Rm 312A, BioBio Texas A&M University College Station, TX 77843 404-692-2048 esr@tamu.edu
participants (4)
-
Dannon Baker -
Eric Rasche -
Martin Čech -
Raphenya, Amogelang