There are some people with misconfigured applications/Nexus repos who request files way too much. It could be good to use fail2ban to stop them from making requests too often. A first approximation for detecting this would be to check for IPs downloading the same file more than 5 times in half an hour. There are a few things to consider here:
- The larger the time window, the more memory this will consume
- If we're going to move to a CDN, how will we handle misconfigured clients like this? Maybe we can analyse the logs and block IPs out of band?
- We don't want to block normal users; it should probably be run in report-only mode for a while to make sure it's calibrated correctly.
- It would be good to build up profiles of what normal maven usage and abusive behaviour look like, as kicking off a build with a clean m2 will generate a lot of (valid) requests.
http://codelog.climens.net/2011/02/13/using-fail2ban-with-nginx-in-debian/
http://blog.teabough.com/fail2ban-api-mailjet/
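A report-only pass over nginx access logs that implements the heuristic above (one IP fetching the same file more than 5 times within a sliding 30-minute window), as an added example that is not part of this issue or the project's code. It assumes nginx "combined" format log lines in time order; the sample lines, IPs and paths are constructed for the demo.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# nginx "combined" format: ip - user [time] "METHOD path proto" status bytes "referer" "ua"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')
WINDOW = timedelta(minutes=30)   # the half-hour window proposed in the issue
THRESHOLD = 5                    # more than 5 fetches of one file per window is suspicious

def parse_line(line):
    """Return (ip, path, timestamp, status) or None for lines that do not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), m.group("path"), ts, int(m.group("status"))

def prune_idle(recent, now, window):
    """Bound memory: forget (ip, path) pairs with no request inside the window."""
    for key in [k for k, q in recent.items() if not q or now - q[-1] > window]:
        del recent[key]

def find_repeat_downloaders(lines, window=WINDOW, threshold=THRESHOLD):
    """Report only (no banning): return {(ip, path): peak_count} for pairs that
    exceeded `threshold` requests for the same path within any sliding `window`."""
    recent = defaultdict(deque)   # (ip, path) -> timestamps still inside the window
    flagged = {}
    for n, line in enumerate(lines, 1):
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, path, ts, _status = parsed
        q = recent[(ip, path)]
        q.append(ts)
        while q and ts - q[0] > window:   # slide the window forward
            q.popleft()
        if len(q) > threshold:
            flagged[(ip, path)] = max(flagged.get((ip, path), 0), len(q))
        if n % 1000 == 0:                 # periodic cleanup: memory ~ number of active keys
            prune_idle(recent, ts, window)
    return flagged

# Constructed sample log (not from a real server). Sorted so the stream is time-ordered.
_JAR = "/nexus/content/groups/public/org/example/lib/1.0/lib-1.0.jar"
_LINE = '{ip} - - [13/Feb/2011:{hh:02d}:{mm:02d}:00 +0000] "GET {path} HTTP/1.1" 200 4096 "-" "Apache-Maven/3.0"'
SAMPLE_LOG = sorted(
    [_LINE.format(ip="10.0.0.7", hh=10, mm=m, path=_JAR) for m in range(0, 30, 5)]      # same jar 6x in 25 min
    + [_LINE.format(ip="10.0.0.8", hh=10, mm=m, path=f"/nexus/dep{m}.jar") for m in range(0, 30, 5)]  # clean-m2 build
    + [_LINE.format(ip="10.0.0.9", hh=h, mm=0, path=_JAR) for h in range(10, 16)],      # same jar hourly
    key=lambda l: parse_line(l)[2])

if __name__ == "__main__":
    for (ip, path), count in find_repeat_downloaders(SAMPLE_LOG).items():
        print(f"REPORT {ip} fetched {path} {count} times within {WINDOW}")
```

Only 10.0.0.7 is reported; the clean-m2 build (many different files) and the hourly re-fetch (outside the window) stay silent, which is the calibration the issue asks for before anything is fed to fail2ban.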