Threat shield, user password page, improved SSH policy and restore without network

The mighty @nethbot is working always hard to keep you posted on updates:: Updates for NethServer 7.7.1908

But this time I would like to highlight a couple of features released few days ago.

It’s been an hard work, kudos to everyone who joined the effort, special thanks to @andre8244, @edoardo_spadoni, @stephdl, @davidep!

Threat shield

This module manages free and commercial blacklists by blocking all the traffic from/to a list of IPs.
You can:

  • enable specific blacklist categories
  • search for blocked IPs
  • see blocking reports using Dante

Dashboard:

Configuration:

Check out more at:

And if you want high quality blacklists you can become Nethesis partner :wink:

Self-service password page

You can now expose a page for password change to port 443 (HTTPS), and keep port 9090 (Cockpit) private!

Enable it from the Settings page (remember to enable Override the shell of users option, first!):

Login user page:

After login (yes, the user can setup its own 2FA!):

More info at: https://docs.nethserver.org/en/v7/base_system2.html#user-settings-page

SSH access policy

If the Override the shell of users option is enabled, you can also create advanced SSH policies:

More info at: https://docs.nethserver.org/en/v7/base_system2.html#ssh-section

Disaster recovery without network

Ever wanted to move a machine from a VPS provider to another? Well, you may have faced the problem: after restoring the machine has a wrong network configuration and can’t be reached any more.

You can now restore a configuration backup wile preserving current network configuration:

More info at: https://docs.nethserver.org/en/v7/disaster_recovery.html#skip-network-restore

20 Likes

Wow, wow wow wow wow ! :clap: :clap: :clap: :clap: :clap:

3 Likes

And COVID19 plus GDPR Bands start to jamsession!

1 Like

Any more info on this?

That would seem to make my module redundant, but it’s definitely a good change. Even if I think the page appearance is nicer on mine…

1 Like

Maybe the user web page could be enhanced by some colours @edospadoni

But… Let’sencrypt certificate is fetched from user-settings page?
My bad. Wrong port forwarding on the test setup :sweat:

You need to sign a contract as Nethesis reseller. I’m not a sales guy, I do not know much more :wink:
I know that there are plans to port the blacklists also for subscriptions, but for now it’s just an idea.
If you would know more about partner program send a private message to @alefattorini.

I don’t think your module is redundant, yours is much more flexible and of course looks nicer!

2 Likes

Ehi I’m here :smiley:

It’s already on our enterprise version joining a partnership with yoroi.
You can become a Nethesis partner or in the future we’re looking for adding it to our subscription. But there are no plans at the moment.

A post was split to a new topic: Fail2ban banned users with a changed password