Synametrics Technologies

Hello,

my logfile has this line:

INFO handler.SimpleLoginHandler - IP Address: 127.0.0.1 blocked from connected due to previous hacking attempts

SynMan sits behind an Apache reverse proxy so that's where 127.0.0.1 is coming from. WHat triggers this? Failed logins?

After this no user can log in until I restart SynaMan. Is there another way to remove this block? If I remember right, older versions unbaned blocked IPs after ten minutes.

Regards

Christian

Christian,

Running SynaMan behind a reverse proxy is not a good idea because:

• Every inbound connection will appear to come from your LAN IP and SynaMan will not be able to detect a bad IP from Good. If someone on the Internet tries to guess passwords, SynaMan will not know about it.
• SynaMan uses a special version of HTTP server to bypass size limitations in the HTTP protocol. For example, you won't be able to upload a 10GB file through an IIS server but you will be able to do it with SynaMan. By putting a proxy server in front of SynaMan defeats the purpose of the changes made in SynaMan's HTTP server.
• Audit Trail logs will be skewed because every client will appear to be connecting from the same IP

Having said that, you can disable the IP blacklisting in SynaMan using the following steps:

• Locate and modify server.properties (https://web.synametrics.com/server-properties.htm) file.
• Add the following line:

  block.blacklisted.hacker.ip=false

• Save the file and restart SynaMan

Thanks for your fast reply. I can see all the point you made. The reason for the reverse proxy was, that we wanted to use Let's Encrypt which was cumbersome with older SynaMan versions.

I just noticed, that SynaMan supports Let's Encrypt certificate generation. Does it also handle automatic renewal after 90 days like certbot?

Regards

Christian

Yes. Automatic renewals will happen in SynaMan, provided the port 80 is open. Watch a video on this topic. The video is about another product we publish but the concepts are similar. Link is https://xeams.com/video-letsencrypt.htm