Go to main content

Navigation menu

Textpattern CMS support forum

You are not logged in. Register | Login | Help

  1. Index
  2. » How do I…?
  3. » Failed login attempts

Pages: 1

#1 2010-04-18 00:59:47

whocarez
Plugin Author
From: Germany/Ukraine
Registered: 2007-10-08
Posts: 305
Website GitHub Twitter

Failed login attempts

Is it possible to get informed on failed login attempts or to log them? Best solution would be to log them in “/var/log/auth.log” or in another file and to use it in fail2ban to block the corresponding IP`s.

Offline

#2 2010-04-18 02:13:05

Gocom
Developer Emeritus
From: Helsinki, Finland
Registered: 2006-07-14
Posts: 4,533
Website

Re: Failed login attempts

From Textpattern with a plugin? The login screen and authetication functions are not “plugable” (ie. no plugins are loaded there). If you want to do it from Textpattern itself you would have to modify the core or exploit themes loading. Tho, you could possible monitor the post values and compare them to the database values or you could limit requests with modsecurity etc. TXP itself doesn’t return anything to monitor on login fail.

If you want to modify TXP’s core then the modification would go to around line 211 in /textpattern/include/txp_auth.php file. There you could possibly add some simple code that writes the IP in the banlist file.

Rah | GitHub

Offline

#3 2010-04-18 10:11:31

whocarez
Plugin Author
From: Germany/Ukraine
Registered: 2007-10-08
Posts: 305
Website GitHub Twitter

Re: Failed login attempts

ah, ok :-)

Offline

Pages: 1

  1. Index
  2. » How do I…?
  3. » Failed login attempts

Board footer

Powered by FluxBB