Issue #6303: [RFE] Rate-limit access to some interfaces by default - freeipa

freeipa

#6303 [RFE] Rate-limit access to some interfaces by default

Opened 7 years ago by simo. Modified 7 years ago

Some parts of freeipa are meant to be used relatively sparsely, one for example is the custodia base secrets sharing mechanism.

Using mod_security to rate limit access to the custodia related URIs would add a barrier to bruteforce attemps of any kind.

The same could be done for the rest of IPA with more relaxed limits.

mod_evasive could be used as well.

Metadata Update from @simo:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.5 backlog

7 years ago

Metadata

Assignee

someone

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 4.5 backlog

None

affects_doc

None

source

None

knownissue

None

type

enhancement

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

todo

tester

None

changelog

None

design

None

freeipa

Source Code

#6303 [RFE] Rate-limit access to some interfaces by default Opened 7 years ago by simo. Modified 7 years ago

Close issue as:

Metadata

#6303 [RFE] Rate-limit access to some interfaces by default

Opened 7 years ago by simo. Modified 7 years ago