Azurel
My feedback
26 results found
-
24 votes
An error occurred while saving the comment Azurel supported this idea ·
-
532 votes
We have serious doubts this function can really increase server security:
1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.
As for concerns that default password requirement is set in “weak”, that fail2ban module is not…
Azurel supported this idea ·
-
382 votes
An error occurred while saving the comment Azurel commented
15. December 2020... 7 years later :(
Azurel supported this idea ·
-
84 votes
Azurel supported this idea ·
-
71 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
— rk
Azurel supported this idea ·
-
120 votes
Thank you for your input! We will consider this functionality in upcoming releases, if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
IGAzurel supported this idea ·
-
137 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
ETAzurel supported this idea ·
An error occurred while saving the comment Azurel commented
It is already possible out-of-box. You can create with PHP a textfile with bad ips and in modsecurity you add a own "jail" that use this file. Thats all.
-
333 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
— AY
Azurel supported this idea ·
-
154 votes
Thank you for your input. We will consider the possibility of implementing this feature in upcoming releases.
Since Plesk Onyx panel admin will be able to install different MySQL versions as a Docker containers, then the DB servers can be connected as remote DB to Plesk.
SE
Azurel supported this idea ·
-
211 votes
Azurel supported this idea ·
-
326 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.— SU
Azurel supported this idea ·
An error occurred while saving the comment Azurel commented
Is DDos-Protection not a part of free service from your server provider and part of modsecurity(fail2ban)?
Hetzner have it free https://www.hetzner.de/unternehmen/ddos-schutz/ (german)
So is this feature request really needed? -
543 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
IGAzurel supported this idea ·
-
1,177 votes
Azurel supported this idea ·
-
714 votes
As an alternative option, you can configure GeoIP protection using nginx GeoIP module https://docs.plesk.com/en-US/obsidian/administrator-guide/website-management/websites-and-domains/extended-website-management/plesk-for-linux-setting-up-ip-geolocation-for-a-website.80011/
Please let us know what you think about it.
--AA
An error occurred while saving the comment Azurel commented
@Developer take a look in this https://www.ipdeny.com/ipblocks/
Make a List like this with a checkbox and clear list maybe daily and add selected country-ips in it. It can't be that hard and would significantly improve safety. ;)
// cn=china
firewall-cmd --permanent --ipset=blocked_country_ipv4_cn --add-entries-from-file=ipv4_cn.zoneAn error occurred while saving the comment Azurel commented
Is it not possible to use this?
https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-by-geoip/I have hundreds of fail2ban banned bot ips from russian and china. I want stop any traffic from there.
Azurel supported this idea ·
-
283 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
ETAzurel supported this idea ·
-
87 votes
An error occurred while saving the comment Azurel commented
Four years and still only ~30 participants. Too bad, I would like to have the feature to see and check where the last entries came from.
Azurel supported this idea ·
-
2 votes
Thank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IGAzurel shared this idea ·
-
47 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.—
IGAzurel supported this idea ·
-
108 votes
Azurel supported this idea ·
-
10 votes
Thank you for your input. We will consider this functionality in upcoming releases, if it will be popular.
Everyone, please continue voting for this feature if you consider it important.BTW, we have following solution for Plesk – https://talk.plesk.com/resources/blocking-extra-bots-using-nginx.6/
—
IGAzurel supported this idea ·
From time to time TOR users attack my server. I would like to have a fail2ban jail for TOR that can be turned on and off. All IPs are listed here: https://check.torproject.org/torbulkexitlist
Or as a firewal rule.
I realize that the attacker can also use other services.