Nicola Murino
1b1745b7f7
move IP/Network lists to the data provider
...
this is a backward incompatible change, all previous file based IP/network
lists will not work anymore
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-09 09:33:33 +01:00
Nicola Murino
c0fe08b597
defender: allow to set a different score for "no auth tried" events
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-25 18:49:03 +01:00
Nicola Murino
4995cf1b02
defender: allow to load blocklist/safelist also from config/env vars
...
Fixes #831
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-13 14:46:07 +02:00
Nicola Murino
5c2fd8d52a
add support for a start directory
...
Fixes #705
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-03-03 12:44:56 +01:00
Nicola Murino
7d8823307f
defender: add provider driver
...
Fixes #616
2021-12-25 12:08:07 +01:00
Nicola Murino
ea01c3a125
rate limiting: allow to exclude IP addresses/ranges
...
Fixes #563
2021-10-03 20:50:05 +02:00
Nicola Murino
fe953d6b38
REST API: add support for API key authentication
2021-08-17 18:08:32 +02:00
erwiese
05c62b9f40
add documentation for defender scores ( #500 )
...
Co-authored-by: Erwin Wiesensarter <erwin.wiesensarter@bkg.bund.de>
2021-08-13 15:40:33 +02:00
Nicola Murino
4be6307d87
webadmin: add defender page
2021-06-08 13:24:28 +02:00
Nicola Murino
8f6cdacd00
allow to limit the number of per-host connections
2021-05-08 19:45:21 +02:00
Nicola Murino
112e3b2fc2
add rate limiting support
2021-04-18 12:31:06 +02:00
Nicola Murino
80f5ccd357
web admin: add backup/restore
2021-01-22 19:42:18 +01:00
Nicola Murino
778ec9b88f
REST API v2
...
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore
Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0
Fixes #197
2021-01-17 22:29:08 +01:00
Nicola Murino
1e1c46ae1b
defender: minor docs improvements
2021-01-02 20:02:05 +01:00
Nicola Murino
d6b3acdb62
add REST API for the defender
2021-01-02 19:33:24 +01:00
Nicola Murino
037d89a320
add support for a basic built-in defender
...
It can help to prevent DoS and brute force password guessing
2021-01-02 14:05:09 +01:00