I just installed Zammad and ask myself how to prevent against hackers/attackers.
For example:
If a user forgot his password after 5 attempts the user has been blocked and as an admin, we can unlock the user. But what if there is just one admin user and the attacker/hacker enters my admin username 5 times wrong, then my admin account has been blocked. How can I enter the system now? Is there also a way to block the IP of the attacker (fail2ban).
Thx, for the solution. Is there also a way to block the end-user by his IP address as we can do with fail2ban. Would be nice if there is a prebuild filter script that we can use inside fail2ban.