How to limit login attempts to Subversion?

security apache-2.2 svn

mod_dav_svn has an extensive logging feature. Combine this with Fail2ban and you should be able to intercept brute-force login attempts.


You can do that in LDAP itself, if it supports the password policy IETF draft. (OpenLDAP does.) Just set the standard policy's pwdLockout attribute to true, pwdMaxFailure to a non-zero value, say 3 in your case, and pwdLockoutDuration to however many seconds you want the lockout to be, say 300, whatever you think is long enough to deter bots without annoying the hell out of real users.

Related

Disabled admin account on Win 2008 R2
Online configuration tool for iptables? [closed]
CCNA Case Study - Static Routes
Are there any drawbacks to running memcached on a Unix domain socket instead of the network (assuming one server)?
How do I set up a private mirror server for Cygwin?
Corrupt files' contents, while FS is OK
How to see the list of ip addresses in 'recent' module?
Rewrite from-address of all outgoing e-mail from a server using Postfix
Subversion - What is the purpose of txn-protorevs
When does the TCP engine decide to send an ACK?
Using "sc" command to control services with whitespace in name
How to make VNC server listen on a specific IP under Linux?