Mark Deibert Posted October 4, 2019 Share Posted October 4, 2019 I have veeeery strong password on the root login in the webGui. But, how many times can a person try to login to the webUi and fail before it blocks them or locks somehow? Am I making sense? 😕 Quote Link to comment
JonathanM Posted October 4, 2019 Share Posted October 4, 2019 AFAIK, the login attempts can continue until the syslog fills up RAM and crashes the server. Â The webGUI MUST be secured behind some secondary security, it must not be directly exposed to the internet or a network where devices aren't reasonably able to be trusted. 1 Quote Link to comment
Mark Deibert Posted October 4, 2019 Author Share Posted October 4, 2019 Damn that sucks. I wanted to access it remotely, but I guess not. Ok, I'll remove the router forward. Thank you @jonathanm Quote Link to comment
Hoopster Posted October 4, 2019 Share Posted October 4, 2019 (edited) 28 minutes ago, Mark Deibert said: Damn that sucks. I wanted to access it remotely, but I guess not. Ok, I'll remove the router forward. Thank you @jonathanm I currently have my GUI secured and accessible through OPenVPN and ZeroTier. You definitely do not want to expose it to the Internet directly.  Apparently, the upcoming 6.8 release has a WireGuard implementation and may provide remote access to the GUI as well.  Forms-based webGUI authentication: now compatible with most password managers. WD-Discovery support: for reliable Windows Network explorer listing of your server and eliminates need for SMBv1 on your network. WireGuard support: for easy configuration of VPN tunnels (experimental). Numerous bug fixes and package updates. Introducing Unraid.net a set of web-based services including: Server status such as online/offline, storage used/available, etc. Links for local and remote access to your server webGUI. Backup and Restore of your USB Flash boot device. Edited October 4, 2019 by Hoopster Quote Link to comment
Mark Deibert Posted October 7, 2019 Author Share Posted October 7, 2019 @Hoopster Thank you very much for sharing that info. I'm looking forward 6.8. Quote Link to comment
almulder Posted October 10, 2019 Share Posted October 10, 2019 Is it safe to forward a port to a container? I have a port forward to OMBI so family can request videos/TV, and 2 open ports to my standalone NVR. No other open ports. Also is there a way to lock down the different protocols in Unraid, I only want microsoft networking turned on, not SNMP, Telnet, SSH, TFTP, ISCSI, FTP, NFS, ect.. In my Qnap I can disable each one independently. Just want to make my unraid as secure as possible, and only have local access to it, with the exception of plex and ombi. Quote Link to comment
Squid Posted October 10, 2019 Share Posted October 10, 2019 7 minutes ago, almulder said: Is it safe to forward a port to a container? I have a port forward to OMBI so family can request videos/TV, and 2 open ports to my standalone NVR. No other open ports. Quite commonly done, and yes  7 minutes ago, almulder said: Also is there a way to lock down the different protocols in Unraid, I only want microsoft networking turned on, not SNMP, Telnet, SSH, TFTP, ISCSI, FTP, NFS, ect.. The various icons in the Settings Tab will disable what unRaid has the options for. 1 Quote Link to comment
almulder Posted October 10, 2019 Share Posted October 10, 2019 2 hours ago, Squid said: The various icons in the Settings Tab will disable what unRaid has the options for. Missed that and that is what I needed. Thanks. Quote Link to comment
Frank1940 Posted October 10, 2019 Share Posted October 10, 2019 The 'Fix Common Problems' plugin has a "Number of allowed invalid logins per day:" setting. 1 Quote Link to comment
JonathanM Posted October 10, 2019 Share Posted October 10, 2019 9 minutes ago, Frank1940 said: The 'Fix Common Problems' plugin has a "Number of allowed invalid logins per day:" setting. I could be wrong, but I don't think that will actually restrict anything except whether FCP will report it as an issue. Quote Link to comment
Frank1940 Posted October 10, 2019 Share Posted October 10, 2019 You could be right. This is what is says in the 'Help': Quote Number of allowed invalid logins per day - This is the number of "grace" invalid logins allowed per day either via the local console or through SSH / Telnet (ie: you typed your password wrong) This is used to determine if any hacking attempts are being made on your server The first portion seems to indicate that it will block logins after the number is exceeded but the last sentence seems to indicate that it may only issue a warning. Perhaps, @Squid might shed some light on this... Quote Link to comment
Squid Posted October 10, 2019 Share Posted October 10, 2019 3 hours ago, jonathanm said: FCP will report it as an issue. This 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.