1

(7 replies, posted in Feature requests)

i was thinking the ip that was doing the brute force be temp banned, also this ip should be noted some where in the admin section as logs, depending on how many days the logs were set to purge, the admin could permanately ban the ip and to see if any username were comprised by the ip. I think this could be done by comparing the recent ip and date of the user account to see if it is same as the brute force ip. For the log I was thinking something along the lines.

IP   - Date / Time Stamp - Attacking Username - Successful (yes - no) - Permanetly Ban this Ip ( yes - no)

All joking aside, i think this feature is vital to have. Also if not already implemented in 1.3, i think all admin files should be kept in a seperate folder, so that it can be further protected by .htaccess password.

2

(7 replies, posted in Feature requests)

Could someone create a mod similar to VB and PhpBB plugins that allow only a certain number of tries for a user to login before temp banning for 20 mins?

just curious as to what features can we expect from 1.3?

also if not already implemented could there be a system similar to phpbb max login attempts?