Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Penetration testing & security recommendations & #867

Open
adikeinan opened this issue Sep 10, 2020 · 0 comments
Open

Penetration testing & security recommendations & #867

adikeinan opened this issue Sep 10, 2020 · 0 comments
Labels
awaiting review
Milestone
Convert-a-Card 20...

Comments

@adikeinan
Copy link
Member

@harryjmoss noticed many failed attempts to log in to the Pybossa server and the dev and live frontend servers via ssh, with various accounts being tried and also attempts to log into the root account. Suggested using Fail2Ban to block IP addresses that fail to login multiple times.

Next step: NIIT to run security testing on the site and prioritise fixes.
@adikeinan adikeinan added this to the Convert-a-Card 2020 fixes milestone Sep 10, 2020
@adikeinan adikeinan changed the title Security recommendations & penetration testing Penetration testing & security recommendations & Sep 10, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
awaiting review
Projects
None yet
Milestone
Convert-a-Card 2020 fixes
Development

No branches or pull requests
1 participant
@adikeinan