Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Vaultwarden 1.2.4 released

    Vaultwarden
    2
    2
    94
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • necrevistonnezr
      necrevistonnezr last edited by

      I usually don't create a new topic for every new version anymore, but this announcement could be relevant for Cloudron:

      Basic ratelimit for user login (including 2FA) and admin login

      Could that interfere with the built-in rate limiting of Cloudron?
      https://github.com/dani-garcia/vaultwarden/releases/tag/1.24.0

      1 Reply Last reply Reply Quote 2
      • nebulon
        nebulon Staff last edited by

        I don't think it is an issue, however essentially the more restrictive setting (Cloudron or app) will hit first. Looking at the changes at vaultwarden, their defaults are a lot more restrictive than the ones we have set in iptables as a generic default.

        I also think this makes much sense. Some apps may require more stringent measures others don't. So while having a basic line of defense from the platform, the apps can add on top where applicable, since only they know which routes to protect more and which are for example just public routes which just have to be prevented from a denial of service attack.

        1 Reply Last reply Reply Quote 3
        • First post
          Last post
        Powered by NodeBB