If someone tries to brute force passwords their IP will be blocked.
- This works like fail2ban
- The IP will be denied access then un-listed after 24 hours
- IPs are listed in noodle.log
- This can be immediately cleared by restarting the Noodle service
- The feature may be disabled or specific whitelisting entries added from the System Settings > Security section
- The default threshold (20 failures per minute) may be adjusted via the BlackList.PerMinuteThreshold option in noodle.properties.
- One proxy or NATÂ user can get many or all users blocked due to shared IP.
- If all users share the same NAT, it's best to have the Noodle server on the LAN side of that NAT.
- Best to route to the Noodle server with the "Transport layer" instead of the "application layer" (NAT port forward vs HTTP proxy).