Thanks olivierlambert & julien-f for your responses 
In a test we're not able to confirm the 2-second-rule against BF-Attacks.
Anyway, for us the goal would be to manage/control the failed attempts
with our familiar fail2ban-environment.
Is there a way to fit wrong login-attempts with a different http-status?
Best regards
nullpunktnull
Hi olivierlambert
I would like to ask you to provide me more details about that,
because I can try a lot of wrong credentials and it still allows
further attempts.
It would be great to have controll about banning IPs and
viewing logs about that.
Best regards
nullpunktnull
Hi there
We installed XO from source on a Debian10-Node. As usual we're using fail2ban
for all kind of security. What I need is to prevent XO-Web from Bruteforce-Attempts.
The issue: I cannot find any log for failed login-attempts in:
The HTTP-Status is 200/OK in both cases.
What solution/advise would you recommend me to follow?
Best regards
nullpunktnull
Hi Olivierlambert
Thank you for your fast answer Could you maybe help me one time more
with a associated question? It was easy to implement my logo in the index.js
and build the dist new. But: I would like to to change the blue color from the
left menu-column.
If I search through the files I can find the background-color #044b7f just
in the dist-folder. What I would need is to change it in the src, so I can build
it new from the source.
Can you maybe helpme to find the correct file?
Best regards from Switzerland
Marco
Hi there
(Please excuse any mistypes - I'm a Swiss Guy learned a bit english in School)
I'd like to know, if it's allowed to implement our own Logo in the xo-web
on the upper left corner, just for "beauty reasons". I deployed XO from the
sources from GitHub.
Thanks for your assistance
Marco