Cool thanks, this gives me some potential avenues to contribute.
Some of what I've done is simple firewall changes (fail2ban tweaks) which are probably a decent candidate for core.
I also have additional firewall setup which downloads IP blacklists once a day and blocks inbound packets from them, even a fairly conservative set of blacklists results in a drastic decrease in brute force traffic. However, this isn't something that should necessarily be turned on out of the box for a number of reasons. So maybe that's a candidate for a confconsole plugin to install??
Cool thanks, this gives me
Cool thanks, this gives me some potential avenues to contribute.
Some of what I've done is simple firewall changes (fail2ban tweaks) which are probably a decent candidate for core.
I also have additional firewall setup which downloads IP blacklists once a day and blocks inbound packets from them, even a fairly conservative set of blacklists results in a drastic decrease in brute force traffic. However, this isn't something that should necessarily be turned on out of the box for a number of reasons. So maybe that's a candidate for a confconsole plugin to install??