Topic: Brute Force Attack Prevention
Could someone create a mod similar to VB and PhpBB plugins that allow only a certain number of tries for a user to login before temp banning for 20 mins?
You are not logged in. Please login or register.
PunBB Forums → Feature requests → Brute Force Attack Prevention
Could someone create a mod similar to VB and PhpBB plugins that allow only a certain number of tries for a user to login before temp banning for 20 mins?
Temp banning the user that is being brute forced or the IP doing the brute forcing?
Note to self: brute force aeroguy's account so he can't log in.
Note to self: brute force aeroguy's account so he can't log in.
And why would you want to do this?
He was joking
i was thinking the ip that was doing the brute force be temp banned, also this ip should be noted some where in the admin section as logs, depending on how many days the logs were set to purge, the admin could permanately ban the ip and to see if any username were comprised by the ip. I think this could be done by comparing the recent ip and date of the user account to see if it is same as the brute force ip. For the log I was thinking something along the lines.
IP - Date / Time Stamp - Attacking Username - Successful (yes - no) - Permanetly Ban this Ip ( yes - no)
All joking aside, i think this feature is vital to have. Also if not already implemented in 1.3, i think all admin files should be kept in a seperate folder, so that it can be further protected by .htaccess password.
The "admin section as logs" bit would have to be an adaptation if the Admin Logs mod is installed
PunBB Forums → Feature requests → Brute Force Attack Prevention
Powered by PunBB, supported by Informer Technologies, Inc.