You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I run a public instance of immich behind a swag nginx reverse proxy that also contains fail2ban. I noticed that the nginx-unauthorized rule of fail2ban is hit frequently when a user that is not logged in accesses a shared album. The fail2ban daemon is scanning the nginx logs and bans the IP for 10 minutes after 5 401 Unauthorized requests.
These 401 requests are also triggered when I access the immich instance directly without swag.
For me this is problematic because each of my users IP is directly banned after viewing 2-4 images and I don't think the webapp should request the following URLs when nobody is logged in.
1. Create a shared album
2. Open its link in an incognito browser window
3. Go to developer tools and inspect network requests, for Firefox you can use this filter: `status-code:401`
4. see 401 Unauthorized requests popping up, that ultimately lead fail2ban to ban the requesting IP
Additional information
No response
The text was updated successfully, but these errors were encountered:
The bug
Hi,
I run a public instance of immich behind a swag nginx reverse proxy that also contains fail2ban. I noticed that the nginx-unauthorized rule of fail2ban is hit frequently when a user that is not logged in accesses a shared album. The fail2ban daemon is scanning the nginx logs and bans the IP for 10 minutes after 5 401 Unauthorized requests.
These 401 requests are also triggered when I access the immich instance directly without swag.
For me this is problematic because each of my users IP is directly banned after viewing 2-4 images and I don't think the webapp should request the following URLs when nobody is logged in.
Thank you :)
The OS that Immich Server is running on
Debian
Version of Immich Server
v1.68.0
Version of Immich Mobile App
v1.68.0
Platform with the issue
Your docker-compose.yml content
unaltered from default setup
Your .env content
Reproduction steps
Additional information
No response
The text was updated successfully, but these errors were encountered: