Hi, does anyone have any experience how to set Openfire on the web(WWW)? I’m afraid that they will begin to “brute force” a password through port 5222.
Is there any protection against brute force?
Your question is how to use Openfire to authenticate users for WWW website sessions?
No, I probably didn’t say it correctly.
I want people to connect with Spark 2.8.3 from the Internet?
I can open port 5222, but I’m afraid that the bad guys will start trying to “brute force” the login and password.
Presently, openfire does not have any built in brute force login protection. You have a couple of options though.
- On Linux, use iptables/nftables to place limits on new TCP connections per some unit time per client IP address.
- Use a tool like
fail2banto monitor the openfire logs for failed logins and then add the offending IPs to the firewall or to disable the user in Openfire via the restAPI plugin.
I am a little familiar with fail2ban, I can configure it for SSH. But I don’t know anything about fail2ban and RestAPI.
Could you share information on this setting with me?