TheBeast Posted March 25, 2021 Share Posted March 25, 2021 i have a Qnap nas and i want somthing like this in unraid i its dansih within xx min and xx failed attempts then ban for xx number of times or lifetime and opportunity to limeted to ex "Danmark" ip's so no from other country can Access my server TheBeast 1 Quote Link to comment
BRiT Posted March 25, 2021 Share Posted March 25, 2021 Exactly. Give us the ability to flat out ban connections from certain countries or white-list only certain countries. For a US server I would ban everything outside of North America (US and Canada). For Europe I would ban anything in China, Russia, India or other Hotspot hacker regions for a start. Quote Link to comment
prune Posted May 20, 2021 Share Posted May 20, 2021 +1 I would like to be able to see somewhere all failed login attempts on Unraid services Quote Link to comment
Sander0542 Posted September 7, 2021 Share Posted September 7, 2021 This would be a great feature for the Unraid 6.10 security update. 1 Quote Link to comment
Flubster Posted September 7, 2021 Share Posted September 7, 2021 I maybe being dense here, but the UnRAID GUI should not be accessible from the internet anyway so what benefit would this have? Services should be behind reverse proxies - and using SWAG / NPM (I personally use SWAG but assume its in NPM) fail2ban is implemented, as well as geoip database lookups to block country subnets etc. 1 1 Quote Link to comment
BRiT Posted September 7, 2021 Share Posted September 7, 2021 It would be for more than just the UI. 1 Quote Link to comment
DigitalGoddess Posted November 7, 2021 Share Posted November 7, 2021 I'm a huge fan of fail2ban. Never assume that your perimeter is impenetrable. Treat everything like it's the interwebz. I've seen really serious compromises that happened through copiers, coffee makers, lights, cameras, refrigerators, door alarms, and cash registers. Assume for a moment that a family member invites someone over. Should that guest's cell phone be able to surf your network and map all your drives? Maybe download your tax returns or your medical records? 1 Quote Link to comment
Djeen Posted June 22, 2022 Share Posted June 22, 2022 +1 I know it's not recommanded to open unraid on the net, but docker + traefik + a little of magic .... Quote Link to comment
ich777 Posted June 24, 2022 Share Posted June 24, 2022 On 6/22/2022 at 6:11 PM, Djeen said: docker + traefik + a little of magic I see the issue there... traefik... Use SWAG and you get Fail2Ban and the option to use Authelia in combination with F2B. Quote Link to comment
iXNyNe Posted July 5, 2022 Share Posted July 5, 2022 I mentioned in discord over the weekend that I keep seeing suggestions against exposing unRAID to the internet in any capacity, but the My Servers plugin comes with a built in option to do exactly that (expose the web UI to the internet to allow remote access), and exposing SSH to the internet can be done very safely and easily if you prohibit password login as root via ssh. Either way, it would be insanely beneficial to have fail2ban natively on unRAID, either with some standard configurations for SSH and HTTP/HTTPS, or with some easy to enable examples and instructions. SWAG is great, I use it, I contribute to the project, but native support would be greatly appreciated. Quote Link to comment
cj0r Posted July 19, 2022 Share Posted July 19, 2022 +1 Would love to see f2b built into Unraid. As mentioned above, as soon as the My Servers plugin started becoming a thing, I feel like fail2ban should have also had a native roll out. There's a lot of users out there and a whole bunch of them aren't aware of the security risks involved in exposing any part of their server to the outside world. f2b would be one more layer to protect them. Quote Link to comment
iXNyNe Posted July 21, 2022 Share Posted July 21, 2022 I decided to do something about it. While I don't have a solution to run fail2ban directly on the native OS, I am now successfully running a docker container capable of applying iptables bans at the host level and I am protecting unRAID's web GUI and SSH (and other things running in other docker containers). I plan to share this project as an lsio image in the near future. I have everything functional complete and I am working on documentation. I'll try to remember to reply here when I have a proper release available. Quote Link to comment
iXNyNe Posted August 10, 2022 Share Posted August 10, 2022 https://github.com/linuxserver/docker-fail2ban Is now available in CA, and comes with config examples to protect unRAID's sshd and web GUI. Quote Link to comment
ds9 Posted August 21, 2022 Share Posted August 21, 2022 Crowdsec is also another option : https://www.linuxserver.io/blog/blocking-malicious-connections-with-crowdsec-and-swag Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.