[Icecast] Securing the Icecast admin page
Philipp Schafft
phschafft at de.loewenfelsen.net
Tue Jan 18 13:12:17 UTC 2022
Good afternoon,
On Tue, 2022-01-18 at 10:47 +0100, unosonic wrote:
> just a guess and untested, maybe you could create / add to a specific
> logfile utilizing
> icecast auth mechanism, esp. listener_add
> https://icecast.org/docs/icecast-2.4.0/auth.html
>
> in general it would be nice to have a more elaborated access control
> in icecast, like in apache or nginx webservers...
(please keep my reply to the original question in mind.)
Icecast 2.5 improved the auth system a lot over 2.4 (which actually was
the main reason we started with 2.5).
If you feel there is something missing I would be very happy to hear
about this via our ticket system:
https://gitlab.xiph.org/xiph/icecast-server/-/issues
Really looking forward to any suggestions.
With best regards,
> Damian:
> > Yeah, that’s what I thought, except f2b reads from the logs you
> > specific, and so when I tested logging in with incorrect Icecast
> > user credentials on my server, I could not see any lines in the
> > Icecast access.log file to indicate that a failed login attempt was
> > recorded. It leads me to think that f2b would not work in this
> > instance.
--
Philipp Schafft (CEO/Geschäftsführer)
Telephon: +49.3535 490 17 92
Löwenfelsen UG (haftungsbeschränkt) Registration number:
Bickinger Straße 21 HRB 12308 CB
04916 Herzberg (Elster) VATIN/USt-ID:
Germany DE305133015
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20220118/4f7958c6/attachment.sig>
More information about the Icecast
mailing list