nginx auth_basic fails/"401 Unauthorized" attempts are not being banned by crowdsec #1269
-
It is expected behavior
-
nginx has no function to limit basic auth attempts
-
You could use crowdsec, it parses the logs and bans IPs with too many retries
-
Sorry, I forgot to mention that crowdsec is enabled. When using npmplus nginx "auth_basic" with "Allow access if at least one authorization method succeeded", crowdsec is not banning the IP; I can attempt multiple times without being blocked. However, when the application uses its own authentication and returns a 401/403 status code, crowdsec is banning the IP as expected, based on the nginx logs (it shows the crowdsec ban page).
-
Thank you for maintaining this awesome project! (:
Setting
and 'user/pass' for 'auth_basic'
The credentials prompt is displaying, but I can attempt multiple times without being blocked.
I think it's not expected behavior?
Applications using custom authentication that return 403/401 Forbidden/Unauthorized responses are functioning as expected after repeated attempts.