Re: Securing development environment
- Date: Sat, 19 May 2018 15:29:25 +0000
- From: Andy Smith <andy@xxxxxxxxxxxxxx>
- Subject: Re: Securing development environment
On Sat, May 19, 2018 at 12:03:37PM +0200, Hubert Hauser wrote:
> On 19/05/18 07:29, Chris wrote:
> > Make those services listen to localhost and do port forwarding in your
> > SSH client.
> It might be a good idea but I am not sure whether fail2ban with nginx
> basic_auth mechanism is a simplier solution. You have not replied me is
> it. Should I worry about maximum length of passwords (8 characters)?
If the services are only available in localhost then you don't need
Fail2ban is a massive hack (spotting wrongdoing by reading logs of
it after the fact?) so if there is a way to avoid the issue in the
first place then to me that is preferable.