- Login: helmut
- Registered on: 2019-01-08
- Last connection: 2019-12-16
- 07:42 Lighttpd Feature #2997: mod_auth: Rate limit failures
- I stand corrected. I was looking at the access log, but the error log contains everything that is needed for fail2ban...
- 06:48 Lighttpd Development: RE: Possible feature: authentication brute force hardening
- Thank you for pointing out the delegation option. I take that as "Is there general interest in this feature? -> No", ...
- I was looking into how lighttpd could be hardened against brute forcing authentication credentials. Unfortunately, I ...
- 09:04 Lighttpd Feature #2997: mod_auth: Rate limit failures
- Thank you for looking into the feature request and the patch.
I somehow missed the forum as the appropriate commun...
- 10:21 Lighttpd Feature #2997 (Invalid): mod_auth: Rate limit failures
- It would be nice if lighttpd provided a means to rate limit authentication failures.
Rationale: Why not use existi...
- 07:57 Lighttpd Feature #2976: Digest auth nonces are not validated
- I mostly agree with what you say. I derived the recommendation from the example given in the RFC. This is not the for...
- 09:42 Lighttpd Feature #2976 (Fixed): Digest auth nonces are not validated
- A malicious client attempting Digest authentication with lighttpd can arbitrarily invent nonces so long as the timest...
- 06:59 Lighttpd Bug #2925: autotools cross build failure with lighttpd
- Agreed. So not using AS_IF is not a bug here, but requires non-local consistency. I mainly added it because I did not...
- 07:08 Lighttpd Bug #2925: autotools cross build failure with lighttpd
- FYI, the change from MYSQL_INCLUDE to MYSQL_CFLAGS is not entirely non-required, because PKG_CHECK_MODULES populates ...
- 07:03 Lighttpd Bug #2925: autotools cross build failure with lighttpd
- Please don't replace AS_IF! That's broken. It's broken, because PKG_CHECK_MODULES uses AC_REQUIRE and AC_REQUIRE does...
Also available in: Atom