Login rate limit doesn't work on Debian 12.5


OS Name/Version: Debian 12.5

Product Name/Version: AMP version and build date: 22/03/2024 17:32

Problem Description:

  • What are you trying to do?

Testing brute-force security on a WAN network with a public IP, trying to log in to my AMP with users + passwords; AMP is set to block 5 attempts within 5 minutes.

  • What are you expecting to happen?
    IP gets blocked / login aborted

  • What is actually happening? (‘Nothing’ is not an acceptable answer!)
    After many login failures I can still log in with the correct user / password without any rate limit, slowdown or anything.

Steps to reproduce:

  • Install Debian 12.5 minimal on a VM + apt update & upgrade
  • Run the AMP install script
  • Expose the port to the WAN (port forward)
  • Try to brute-force myself through a different WAN IP, e.g. mobile phone or a friend's home PC (different WAN IP)

Actions taken to resolve so far:

Used a proxy (NPM) with the correct headers
Reinstalled 3x on a fresh VM
Checked the AUDIT log on AMP - the REAL! WAN IP is logged
Checked the NPM logs - forwarded correctly
Increased/decreased the login rate / limit

Tested with proxy and without proxy
Tested on SFTP too

This is critical for me, because I don't want to expose the SFTP / panel login to the WAN without a rate limit; a dial-up IP is dangerous, lots of bots are brute-forcing my IPs - 2 days ago someone tried to brute-force the SFTP of my Minecraft server.
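For readers who want to see what the expected behaviour looks like in code, here is an added example of a per-IP sliding-window login limiter. It is not AMP's code and not part of the original post; the proxy address, the client addresses and the timestamps are constructed for the demonstration. It shows the two things the poster checked: that after 5 failures within 5 minutes even a correct password is rejected from that IP until the window has passed, and that the forwarded client IP (the "correct headers" from the NPM proxy) is only trusted when the connection actually comes from the proxy, so a client cannot dodge the limit by spoofing the header.

```python
"""Sliding-window login rate limiter keyed by client IP (added example, not
AMP's implementation). Addresses, proxy and timestamps below are constructed."""
import ipaddress
from collections import defaultdict, deque

MAX_FAILURES = 5        # matches the post: block after 5 attempts ...
WINDOW_SECONDS = 300    # ... within 5 minutes
TRUSTED_PROXIES = {"10.0.0.2"}   # constructed: LAN address of the reverse proxy


def client_ip(peer_ip, forwarded_for=None):
    """Return the address to rate-limit on.

    X-Forwarded-For is honoured only when the TCP peer is a trusted proxy;
    otherwise a direct client could rotate the header value and get a fresh
    counter for every request. The first entry is the original client."""
    if peer_ip in TRUSTED_PROXIES and forwarded_for:
        first = forwarded_for.split(",")[0].strip()
        ipaddress.ip_address(first)          # raises ValueError on garbage
        return first
    return peer_ip


class LoginRateLimiter:
    def __init__(self, max_failures=MAX_FAILURES, window=WINDOW_SECONDS):
        self.max_failures = max_failures
        self.window = window
        self.failures = defaultdict(deque)   # ip -> timestamps of failed logins

    def _prune(self, ip, now):
        """Drop failures older than the window (sliding window)."""
        q = self.failures[ip]
        while q and now - q[0] >= self.window:
            q.popleft()

    def is_blocked(self, ip, now):
        self._prune(ip, now)
        return len(self.failures[ip]) >= self.max_failures

    def attempt(self, ip, credentials_ok, now):
        """Record one login attempt; return 'blocked', 'ok' or 'failed'.

        The block check runs before the password check, so a correct password
        from a blocked IP is still rejected, which is what the post expects."""
        if self.is_blocked(ip, now):
            return "blocked"
        if credentials_ok:
            self.failures[ip].clear()
            return "ok"
        self.failures[ip].append(now)
        return "failed"


def simulate_bruteforce():
    """Constructed scenario: five wrong passwords from one WAN IP arriving via
    the proxy, then the correct password inside the window, then the correct
    password again after the window has expired. Returns the outcomes."""
    limiter = LoginRateLimiter()
    ip = client_ip("10.0.0.2", "203.0.113.7")        # real client seen via proxy
    outcomes = [limiter.attempt(ip, False, t) for t in range(5)]
    outcomes.append(limiter.attempt(ip, True, 5))     # correct creds, still blocked
    outcomes.append(limiter.attempt(ip, True, 305))   # window expired, allowed
    # An unrelated IP is not affected by the first client's failures.
    outcomes.append(limiter.attempt(client_ip("198.51.100.9"), True, 6))
    return outcomes


if __name__ == "__main__":
    print(simulate_bruteforce())
    # A direct client presenting a forged header is limited on its own address.
    print(client_ip("198.51.100.9", "203.0.113.7"))
```

The important design detail is the order of checks in `attempt`: if the password were verified first and the block only applied to further failures, the symptom described in the post (correct credentials accepted after many failures) would appear even though a limiter exists. When auditing any login limiter, the test to run is exactly the one simulated here: exhaust the failure budget, then present valid credentials from the same source and confirm they are refused.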

Avoid cross-posting please when you've already got a GitHub issue open. This has been resolved.


Yep, I don't do this anymore; kind of new here, didn't know which way is most maintained because I think this is an important security "bug" :slight_smile: I'm glad it's fixed soon.