Authentication
The need for security starts when we open up ports and host services on our servers. Some people are just evil, some are curious; both are threats. Servers are the prime targets.
We will use Authelia to secure our sites.
The need for security
The need for security starts when we open up ports and host services on our servers. Some people are just evil, some are curious; both are threats. Some operating systems are very open to attack, and a compromised machine can then be used to launch attacks on your sites. Some browsers are not secure either. Security also means not sharing personal information. Remember: it's a wild, wild world out there.
Unauthorized use of any of your sites
- Weak or stolen passwords used to gain access
- Access by brute force
What can we do
- Authelia has 2FA (two-factor authentication)
- Fail2ban will slow down brute-force attacks
This time we focus on installing Authelia
Protect your applications with Single Sign-On and 2 Factor.
Authelia is an open-source, full-featured authentication server available on GitHub.
Authelia shall be installed in its own container on the same VM as NPM.
Authelia needs some skill to set up, but it is a very good service and gives real protection.
Installation
See the main article Interface-Module
Authelia
Authelia is an open-source, full-featured authentication server that provides a login portal and handles authentication requests in cooperation with NGINX. Authelia is built to protect your applications with Single Sign-On and 2 Factor.
- Authelia allows users stored in an LDAP directory to provide their username and password as first factor.
- Authelia offers a login portal to allow your users to login once and access everything.
- Authelia supports U2F security keys like Yubikeys as second factor.
- Authelia supports time-based one-time passwords generated by Google Authenticator.
- Password Reset. Authelia lets your users reset their passwords with email confirmation in a few clicks.
- Per-resource authorizations. Authelia lets you define fine-grained authorizations for every resource served by your various subdomains.
- Authelia regulates the number of login attempts made by a user to avoid brute force attacks.
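
The per-resource authorizations and login-attempt regulation listed above are set in Authelia's configuration.yml. The fragment below is an added example, not taken from the original article or the Authelia project. The domains under example.com, the group name "admins" and the limits are placeholders, and the key names are those of Authelia 4.x, so check them against the documentation for your version.

```yaml
# Added example: fragment of an Authelia configuration.yml, not a complete file.
# example.com, the subdomains and the group "admins" are placeholders.

access_control:
  # Anything not matched by a rule below is refused.
  default_policy: deny
  # Rules are checked top to bottom; the first matching rule wins.
  rules:
    # Public landing page: no login required.
    - domain: "www.example.com"
      policy: bypass

    # Ordinary application: username and password are enough.
    - domain: "wiki.example.com"
      policy: one_factor

    # Admin area: members of "admins" only, and only with a second factor.
    - domain: "app.example.com"
      resources:
        - "^/admin([/?].*)?$"
      subject: "group:admins"
      policy: two_factor

    # Same admin paths for everyone else. Without this rule a user who is
    # not in "admins" would skip the rule above and fall through to the
    # catch-all rule for app.example.com below, which would let them in.
    - domain: "app.example.com"
      resources:
        - "^/admin([/?].*)?$"
      policy: deny

    # Rest of the application: any authenticated user, with a second factor.
    - domain: "app.example.com"
      policy: two_factor

regulation:
  # Ban a user for 5 minutes after 3 failed logins within 2 minutes.
  max_retries: 3
  find_time: 2m
  ban_time: 5m
```

Regulation here works per user account, while Fail2ban acts on source IP addresses, so the two complement each other.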