I just detected in my seafile logs a some brute force attemps. I use the provided fail2ban sample and thought I’m fine but now detected this doesn’t protect any API brute force attempts.
I guess there are fail2ban rules out there which block theses API attempts. Any link to a git repo or any other place in the net is highly appreciated.
Just a comment for the seafile document writers: Please add a disclaimer in the doc for the existing fail2ban sample which makes clear this rule doesn’t protect against API brute force requests. Frankly I expect API fail2ban rules to be part of the seafile documentation