Return-Path: <user-return-30088-archive-asf-public=cust-asf.ponee.io@couchdb.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 31942200B29
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Thu, 30 Jun 2016 10:56:50 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 2C400160A52; Thu, 30 Jun 2016 08:56:50 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 74BE4160A51
	for <archive-asf-public@cust-asf.ponee.io>; Thu, 30 Jun 2016 10:56:49 +0200 (CEST)
Received: (qmail 1398 invoked by uid 500); 30 Jun 2016 08:56:48 -0000
Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@couchdb.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@couchdb.apache.org>
List-Post: <mailto:user@couchdb.apache.org>
List-Id: <user.couchdb.apache.org>
Reply-To: user@couchdb.apache.org
Delivered-To: mailing list user@couchdb.apache.org
Received: (qmail 1374 invoked by uid 99); 30 Jun 2016 08:56:48 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 30 Jun 2016 08:56:48 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 966E8187CDD
	for <user@couchdb.apache.org>; Thu, 30 Jun 2016 08:56:47 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.821
X-Spam-Level: 
X-Spam-Status: No, score=-0.821 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01,
	RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled
Authentication-Results: spamd3-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx1-lw-eu.apache.org ([10.40.0.8])
	by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024)
	with ESMTP id k1cUDn87LyaC for <user@couchdb.apache.org>;
	Thu, 30 Jun 2016 08:56:47 +0000 (UTC)
Received: from mail-it0-f47.google.com (mail-it0-f47.google.com [209.85.214.47])
	by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 3E7BE5F3F3
	for <user@couchdb.apache.org>; Thu, 30 Jun 2016 08:56:46 +0000 (UTC)
Received: by mail-it0-f47.google.com with SMTP id f6so64370875ith.0
        for <user@couchdb.apache.org>; Thu, 30 Jun 2016 01:56:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to;
        bh=/vURTdYi0rZeCh+a3Dnk1Ljx0EaUzEdnq/xrlPIOkWE=;
        b=oM1EKF8KRy14PSmVcDWsP3U+D6o8zKsH/ehFKY+HKP1cX6WwNx6EelrimyqiX0q61m
         ldXbTyhNQEvbC299RJ0V6+zJds76N6NJSmo9OKzEDww5t21n2DEA/f/14t4C1dSpo7kv
         8/h5fVbbaEHi7n8mtylwSj0pKfQzv8ZFZmVFo9GC9WGbKhONSw7aoz4/sW9x3pAI0678
         3xkVhZMlSnJvSxpPVqh/GEyDrsMYd3HZrMFjAB7egK/E24Dsja3b9WQG0a+vpoDa8iNJ
         M9a9qTun87G8BhqWs07VlXAvEgkuhgY+5jGjbz81it7ggIGHYuYQ3m1b2xENlfRuwgvn
         Pf0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to;
        bh=/vURTdYi0rZeCh+a3Dnk1Ljx0EaUzEdnq/xrlPIOkWE=;
        b=eQRGRRXoEh8wYmPmKCzMWm8kH3gZTVIGip0jIo5dkyonHbOOifDsXykfdJCU8Pzl4A
         bqFZ/34pHmTY541cWQnQqRmZV/FrWZ8xwnZDmO5pzD3Wj4gxQ4zr8tmYqsGMwiLu54BM
         Pv7PxxKQMMnbaaBD7BDO3pp1TXhWYFS3UzWhhmA398RpLN3VtkbYOZeqPHhasvziOA9s
         XHT/VScJsLKgslYr4A0dYC+QQBSFTCfUXDcYHpZXY0Es0pLyT2GRVh2zLTXesyLRYNo5
         qId5+u64qxJi2XiaC0DX12l39GRvl5awabLoDPv+QXtGmRFNy4xapoCKnv7y/t1OSOL1
         dPrw==
X-Gm-Message-State: ALyK8tKtNzDcAXeE9vHJYofn3hayrDSaQP247MRjx4Z4o9on6jxPGrWnPKnAlOpgaJdlZRZm8zkKuXyHAmVQjg==
X-Received: by 10.36.81.15 with SMTP id s15mr14480194ita.57.1467277005117;
 Thu, 30 Jun 2016 01:56:45 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.36.112.206 with HTTP; Thu, 30 Jun 2016 01:56:44 -0700 (PDT)
In-Reply-To: <CACLy94Xec6+UG+mO8FJqBXC-Ejq+Rn4VPbkeY3H6MnjmxpWOFg@mail.gmail.com>
References: <B361BD1C-EB7A-4127-B609-FE39E09346D3@gmail.com> <CACLy94Xec6+UG+mO8FJqBXC-Ejq+Rn4VPbkeY3H6MnjmxpWOFg@mail.gmail.com>
From: Alexander Shorin <kxepal@gmail.com>
Date: Thu, 30 Jun 2016 11:56:44 +0300
Message-ID: <CAHdjip+7-ThSUAALzxuZOuQS=FgeTW1qV9YiLJ3KRMAKeC_Cxw@mail.gmail.com>
Subject: Re: Fail2ban
To: "user@couchdb.apache.org" <user@couchdb.apache.org>
Content-Type: text/plain; charset=UTF-8
archived-at: Thu, 30 Jun 2016 08:56:50 -0000

On Thu, Jun 30, 2016 at 8:44 AM, Jason Smith <jason.h.smith@gmail.com> wrote:
> For one thing, can you process your CouchDB logs, for example looking for
> 403 (forbidden) or 401 (unauthorized), etc. And then you can ban those IP
> addresses.
>
> Would that solve your problem?

That would be need to done carefully, since validate_doc_update
functions may throw 401/403 errors and that's ok. You can eventually
ban good users for replication they do.

--
,,,^..^,,,