May I suggest you to make a recipe with this code and publish it in
the cookbook ? I am pretty sure there would be a lot of interest for
it, and we would get more comments/suggestions and reports.
Anyway, I will try this very soon on my own as my logs keep showing
automated login attempts
Looking at the logfiles I suspect someone is trying a brute force
attack to get the admin password one of my PmWiki fields, sending many
requests at a time and loading the server quite a lot.
If I understand correctly, as $DefaultPasswords['admin'] is normally
always defined, there is no need
Hello,
I propose two things:
- bind the session to the remote ip address and the user agent
- restrict a login from a remote ip address if there are more than 5 bad
logins within the last 2 hours
What do you think ?
Code:
// tb begin
function getSessionIpAgent() {
$ip = ;
if
I propose two things:
- bind the session to the remote ip address and the user agent
- restrict a login from a remote ip address if there are more than 5 bad
logins within the last 2 hours
What do you think ?
Code:
It looks very interesting. Thanks a lot for sharing this.
May I suggest
Thomas Bley wrote:
Hello,
I propose two things:
- bind the session to the remote ip address and the user agent
- restrict a login from a remote ip address if there are more than 5 bad
logins within the last 2 hours
What do you think ?
An alternative approach is to double a sleep for
