On Wed, Nov 12, 2014 at 05:59:00PM +0100, Lorenzo Milesi wrote: > > Yes, you're right, and plugins for Joomla exists which log failed login > > attempts, and that would be the perfect solution. > > Sadly this is a shared hosting and I cannot force everyone to install > > packages... > > apparently there's no other mean but having "collaboration" from joomla > itself with the aforementioned plugin. > Joomla makes several POSTs to the administrator/index.php file even for > regular usage (or if there are several users from the same IP). > > I used this technique for wordpress, but it has a separate script for login > so it's not applicable to Joomla. >
I've had the same problem with Joomla and don't have a solution. I also have the same problem with WordPress, and do have a solution for that. I wrote a small plugin which syslogs failed login attempts. We install it as a "must-use" plugin (so the user doesn't have to deal with it or even know it is there). Fail2ban watches the logs for these failed logins and blocks hundreds of brute-force IPs every day. If you have the same problem with WP, I'd be happy to give you the plugin. Mark -- Mark Costlow | Southwest Cyberport | Fax: +1-505-232-7975 [email protected] | Web: www.swcp.com | Voice: +1-505-232-7992 Mail Minder - Intelligent Push Notifications for Email on the iPhone http://mailminderapp.com/download or in the App Store ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
