I'd like to be able to ban users for certain actions, such as attempting to spam passwords. I have rate limiting set up already, but it seems weird that I would allow repeat offenders to just keep trying, even at a limited rate. My server has Fail2Ban set up and it will ban users based on the nginx log files, but I don't see how I can pipe errors to those files from Flask. I found this nifty extension - flask-ipban - but it appears to work off its own distinct log file. I presume that this means the nefarious user would still be able to attempt to hit those endpoints, which I presume would still take up some server resources (maybe I'm wrong here).
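One way to get failed logins from the application into a file that a log-watching tool such as Fail2Ban can read is sketched below. This is an added example, not code from the post or from any project named on this page. The `AUTHFAIL` line format, the function names and the sample lines are assumptions; `offenders` only emulates a retry-count-within-a-time-window decision so the format can be checked offline.

```python
import logging
import re
from collections import defaultdict, deque
from datetime import datetime

# Anchored at the line start, so attacker-controlled text in user= cannot spoof an IP.
# A log-watching filter would key on the same fixed "AUTHFAIL ip=" prefix (assumption).
LINE_RE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) AUTHFAIL ip=(\S+) user=")

def make_auth_logger(path):
    """Dedicated logger: one line per failed login, in a fixed format."""
    logger = logging.getLogger("authfail")
    logger.setLevel(logging.WARNING)
    handler = logging.FileHandler(path)
    handler.setFormatter(logging.Formatter("%(asctime)s %(message)s", "%Y-%m-%d %H:%M:%S"))
    logger.addHandler(handler)
    return logger

def log_failed_login(logger, remote_addr, username):
    # In a Flask view, remote_addr would come from request.remote_addr.
    # %r escapes newlines, so a crafted username cannot forge extra log lines.
    logger.warning("AUTHFAIL ip=%s user=%r", remote_addr, username)

def offenders(lines, maxretry=3, findtime=600):
    """Return IPs with >= maxretry failures inside any findtime-second window."""
    recent, banned = defaultdict(deque), set()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, ts = m.group(2), datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S").timestamp()
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > findtime:  # drop failures older than the window
            q.popleft()
        if len(q) >= maxretry:
            banned.add(ip)
    return banned

# Constructed sample log lines (documentation-range IPs, not real traffic).
SAMPLE = [
    "2024-05-01 12:00:00 AUTHFAIL ip=203.0.113.7 user='admin'",
    "2024-05-01 12:00:05 AUTHFAIL ip=203.0.113.7 user='admin'",
    "2024-05-01 12:00:09 AUTHFAIL ip=203.0.113.7 user='root'",
    "2024-05-01 12:00:10 AUTHFAIL ip=198.51.100.4 user='x AUTHFAIL ip=192.0.2.1 user='",
    "2024-05-01 12:30:00 AUTHFAIL ip=198.51.100.4 user='bob'",
]
```

If the application sits behind nginx as a reverse proxy, the address the application sees is the proxy's unless forwarded headers are handled, so the logged IP must be the real client address before any ban is based on it.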
crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
You could try out https://crowdsec.net. It’s an advanced FOSS framework for detecting a number of different attacks and not limited to just brute force attacks like Fail2Ban as /u/nonself suggests. The basic concept of CrowdSec is that it reads logs, detects attacks, mitigates attacks (CrowdSec integrates directly into the Flask application) and shares information about those attacks with everyone else using CrowdSec. Disclaimer: I am head of community at CrowdSec so my opinions may be a little biased :-)