Mark Hedges wrote:
>
>Hi... is there any possibility a post with a bad password
>could return 401 instead of 200... that way fail2ban would
>automatically block bots that try to hack list manager
>passwords.
In Mailman/Cgi/Auth.py in the definition of loginpage find
if msg:
msg = FontAttr(msg, color='#ff0000', size='+1').Format()
and append
print '401 Unauthorized\n'
to make it
if msg:
msg = FontAttr(msg, color='#ff0000', size='+1').Format()
print '401 Unauthorized\n'
This is entirely untested, but should work for both failed admin and
admindb logins.
--
Mark Sapiro <[email protected]> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
_______________________________________________
Mailman-Developers mailing list
[email protected]
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives:
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9
