Hello community, I know in 1.6.0 the failed login attempts will ban the IP by default, but this would not make sense in the scenario that users are under VPN. I am wondering if we (will) support banning username instead of a public facing IP.
Source: https://guacamole.apache.org/doc/1.6.0/gug/auth-ban.html Securing Guacamole against brute-force attacks — Apache Guacamole Manual v1.6.0 - guacamole.apache.org<https://guacamole.apache.org/doc/1.6.0/gug/auth-ban.html> Securing Guacamole against brute-force attacks # Version 1.6.0 of Guacamole introduces an extension that allows you to detect and block brute-force login attacks. When installed, the extension will track the IP addresses of failed authentication attempts. Once the threshold of failed logins is reached for a particular IP address, further logins from that address will be temporarily banned: guacamole.apache.org Thank you, Ares Ares Li Team Lead, DevOps [email protected] +1 778-900-1373 www.cayenta.com This message has been sent on behalf of a company that is part of the Harris Operating Group of Constellation Software Inc. If you prefer not to be contacted by Harris Operating Group please notify us.
