Hi all,
I'm running pound on a production server hosting several domains, each
one runs in a virtual machine and pound redirects traffic according to
requested domain.
the issue is that each virtual server see all requests coming from the
pound IP, meaning that:
a) some servers can count all failed login attempt to the CRM
administration page and block the source IP after some wrong attempts,
but the source IP is always the IP of the host running pound, so a
legitimate client is blocked until the protection timeout
b) in the log of the web servers the requesting IP is always the IP of
the host running pound, making very difficult the log analisys against
attacks, because I need to analize the pound log too
is there any workaround? or suggestion to make accessible the CRM
administration login pages to few external IPs only?
thanks
luciano
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
