Does Fail2Ban monitor the YunoHost dashboard?

My YunoHost server

Hardware: VPS bought online
YunoHost version: 11.0.9.15
I have access to my server : Through SSH
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Hi guys,

Hope you had a nice weekend. The question in the title popped up in my head a while ago but I never got the chance to research it deeper. Any idea if that is true? The dashboard is really easy for a bot to check for and perform attacks on if the yunohost-api is enabled. That’s why I keep it disabled when I don’t use it (which is most of the time).

Thanks!

Yes, there are fail2ban rules that are supposed to catch brute force attempts on both the yunohost-api and yunohost user portal.

(And even if there weren’t, if you’re using robust passwords then bots will still get bored of trying every password combination.)

2 Likes

In addition to Fail2Ban I’ve also found the open-source CrowdSec (free, full featured community version) to be very useful.

CrowdSec doesn’t have anything specific to YunoHost, but does offer very good protection overall.

Additionally it shares attacks with all instances of CrowdSec. Currently there are over 16,000 IPs on the community blacklist. It’s updated continuously 24/7.

Plus it’s quick and simple to install. Since YunoHost doesn’t know about it, installation and updates need to be done at the command line.

I’ve no connection with CrowdSec other than I’ve been using it since it was in Alpha.

Well worth a look if you are comfortable with the CLI of your server.

https://www.crowdsec.net/product/agent
