0
Pending Review
TryLogin should should reply with 403 status code instead of 200 on login failure
We want to create a fail2ban rule on our reverse proxy ( haproxy) to limit bruteforce attacks from the wild. Unfortunately, /TryLogin always reply with status code 200, regardless of success or wrong credentials, so we have no way to distinguish between login success and failure.
Thanks!
Customer support service by UserEcho