Hey Everyone, I've been seeing in the system logs of osTicket, random invalid tokens from all over the world. I've added about 70,000 ip's to block via firewalld (running Ubuntu with apache). What are you all doing to block these types of scenarios? I understand this type of security is out of osTicket's scope, but am curious to what others are doing to protect against brute force type of logins? I would LOVE to get fail2ban working, but understand that the logs are part of the database. If I were to go the fail2ban route, how would I dump the logs of osTicket so they can be monitored by fail2ban? Or maybe there's a better route than fail2ban.
