Re: [Mailman-Users] Limiting number of failed login attempts

Hi, Thanks for pointing me to the manual. On Sunday 04 October 2015 07:28 AM, Mark Sapiro wrote: > I'm not sure if you understand fail2ban. See > . > > fail2ban runs on (in this case) the machine on which Mailman's web > interface runs. It monitor

Re: [Mailman-Users] Limiting number of failed login attempts

On 10/3/15 11:51 AM, Aditya Jain wrote: > > Thanks! At the moment I don't have a separate IP for mailman. Therefore > I cannot use fail2ban. But hopefully, a really long password should be > enough to discourage a simple brute force. I'm not sure if you understand fail2ban. See

Re: [Mailman-Users] Limiting number of failed login attempts

Hi, Thanks! At the moment I don't have a separate IP for mailman. Therefore I cannot use fail2ban. But hopefully, a really long password should be enough to discourage a simple brute force. Thanks & Regards Aditya Jain On Saturday 03 October 2015 06:44 PM, Mark Sapiro wrote: > On 10/2/15 3:00 PM

Re: [Mailman-Users] Limiting number of failed login attempts

On 10/2/15 3:00 PM, Aditya Jain wrote: > > Is there a way in which I can limit the number of failed login attempts > to the archive to prevent a brute force attempt? In recent Mailman, both the private CGI and the options CGI return a 401 Unauthorized status for a failed login. This makes it eas

[Mailman-Users] Limiting number of failed login attempts

Hi All, Greetings for the day! I am currently using mailman package from debian repository. I use mailman for a number of private mailing lists. The archives of these mailing lists is also private. Most of the members of these mailing lists do not change their default mailman passwords, which in