restrict user by location?
Good morning, we use ispconfig on many of our servers, but only as standalone instances. On each of these we've restricted access to the admin interface on our firewall and also with iptables.
We're giving some thought to using a clustered setup for our DNS and/or mail and we want to open the interface to give users access to manage their own DNS and that.
One of the potential problems with that potentially somebody could brute force the admin login and then get access to everything.
Sure we can use fail2ban to reduce the likelihood of this but is there anyway to eliminate the option entirely?
Either say that the admin user can only log in from a certain IP or can only log in to a certain server in the cluster, and then we'd restrict access to that server?