How to protect ajenti from brute force?

K

Kirill Kazakov2016-03-16 04:28:57

System administration

Kirill Kazakov, 2016-03-16 04:28:57

How to protect ajenti from guessing passwords?
Not fully understood with the configuration file ... maybe there is a setting there?
Maybe add a rule to fail2ban, but for some reason ajenti does not write information about unsuccessful login attempts to auth.log?
Webmin has a standard setting to block ip from brute force ...
So far I have only changed the port.
Ajenti is the latest version. There is ssh access.
2) Another question for those who used this product, how to give rights to some modules to a new user ajenti?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

N

nirvimel, 2016-03-16
@nirvimel

I work with any web panels (including Ajenti) like this:
Example (relevant snippet) of Ajenti config:

"bind": {
        "host": "127.0.0.1", 
        "port": 4666
    },

PS: All port numbers and domain names are fictitious, any matches are pure coincidence.

D

Dmitry, 2016-03-16
@plin2s

Fail2ban is the right tool for this purpose. The process does not have to write information to auth.log.
It will be enough to set up (or look for a ready-made version) the config for parsing the log in which the program writes about unsuccessful authorization attempts.
Examples can be found in the configuration files folder fail2ban ./filter.d The structure is quite simple: the path to the log and failregex is specified.