Log

Navigation:  FileCOPA Manual >

Security
Previous pageReturn to chapter overviewNext page

Various options are available here to protect the server from becoming overloaded, or from abuse.

Please see also the section on Public Key SSH logins for individual Users.

security

Scripted Attacks

It is possible that, if exposed to the internet, your server could be attacked using a script to flood FileCOPA with attempts to log in. Typically these would be a "dictionary attack" using common usernames and passwords, or could even involve random usernames and passwords.

The feature above, Block IP address if xx failed login attempts ..., might be defeated in this circumstance.

The logins may all arrive almost concurrently which could defeat this measure as the blocking may be slower than the attack. This is more likely with slower hardware.

We have experienced such attacks during development, and FileCOPA withstood them.