#6303 [RFE] Rate-limit access to some interfaces by default
Opened 3 years ago by simo. Modified 2 years ago

Some parts of freeipa are meant to be used relatively sparsely, one for example is the custodia base secrets sharing mechanism.

Using mod_security to rate limit access to the custodia related URIs would add a barrier to bruteforce attemps of any kind.

The same could be done for the rest of IPA with more relaxed limits.

mod_evasive could be used as well.

Metadata Update from @simo:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.5 backlog

2 years ago

Login to comment on this ticket.