I've been asked to add a lock out "feature" to our website. Basically after x failed attempts in y amount of time the server will refuse all login attempts for z amount of time.
I'd like to block both accounts (correct account name but incorrect passwords), and IP's regardless of what account they try to access. I figure I'll have to use some globals, but I'm just trying to figure out the best way to tackle the problem. I'm hoping someone else has already done this and can offer some suggestions. Any ideas? Jason _______________________________________________ Active4D-dev mailing list [email protected] http://mailman.aparajitaworld.com/mailman/listinfo/active4d-dev Archives: http://mailman.aparajitaworld.com/archive/active4d-dev/
