Topic: webmail brute force attack

I'm under a bruteforce attack in the roundcube webmail, how i can auto block the IP(s), like a PAM to sshd, when a Ip have 3 wrong logongs or invalid users?

(my english isn't good)


Re: webmail brute force attack

Try fail2ban.


Re: webmail brute force attack

I myself use a Roundcube Webmail plugin called "rcguard" which shows a "captcha" after 5 login attempt failures ( no.of attempts can be altered). Only after entering both the "password" & "captcha" correctly, the user will be able to login. Other plugins with similar functionality are "antibruteforce" , "captcha". "Fail2ban" specified by ZhangHuangbin is also a nice option. Google "roundcube plugin repository" and you'll find them.


Re: webmail brute force attack

captcha is a good choice, thanks for your sharing smile