Hi guys, I'm a young "system administrator" that works for a non profit organization. I've recently implemented owncloud on a local server running several virtual machines. Having only a static IP every service (running on different vms) is served through a reverse proxy (apache). I'm trying to secure my cloud installation in order to prevent bruteforce attack: I can log the attackers IP (using apache-mod-rpaf that reads the original ip from the x-forwarded-for header) and I was setting up fail2ban to add these ips to a blacklist and deny the access through iptables. But It seems that iptables is not able to understand where does the request come from and always log the internal proxy ip address. Is there a way to tell iptables to read the x-forwarded-for headers? can you suggest some other workaround? thank you guys -- Francesco Morosinotto web: http://morosinotto.it CV: http://morosinotto.it/curriculum skype: francescomorosinotto -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
