7 November 2018, 21:54
I see many login attempts to phpMyAdmin, WebDAV, Wordpress and other popular Web applications (not existing on my computer). No doubt, Hiawatha is a very secure by default, nevertheless I am wondering how to employ properly the existing banning settings.
1. Despite of "ConnectionsPerIP = 25", I see 266 connections during one or two minutes from the same IP — for example https://www.on.lt/lol/log.txt
2. I have set "BanOnInvalidURL = 2" with "RebanDuringBan = yes" today, but I see banning duration in 9 (instead of 2) seconds in the system.log, while "0 connect attempts during ban".
I would appreciate your advice.