antihammering ?

antihammering ?

Postby Jack » Fri May 09, 2008 6:58 pm

I have a client that has attempted to login too many times using the wrong password. Their IP is now being blocked. I want to remove it from the list of blocked IP's. How can I do this? I cannot see a way to do it yet but will keep looking.

This was in web mail if it matters. :D
Jack
 
Posts: 48
Joined: Wed Sep 19, 2007 5:47 am

Re: antihammering ?

Postby Code Crafters » Mon May 12, 2008 11:25 am

In the general settings are the anti-hammering main values. The Block Time (30 mins by default) is the value that shows for how long an IP will be blocked once it triggers the anti-hammering Max Failed Login Attempts (5 by default) limit. Restarting the application will probably also reset this list as it is stored in memory only and not committed to file as far as I can remember.
Code Crafters
 
Posts: 942
Joined: Mon Sep 10, 2007 2:35 pm

Re: antihammering ?

Postby waterman34 » Wed May 14, 2008 10:46 am

chris wrote:In the general settings are the anti-hammering main values. The Block Time (30 mins by default) is the value that shows for how long an IP will be blocked once it triggers the anti-hammering Max Failed Login Attempts (5 by default) limit. Restarting the application will probably also reset this list as it is stored in memory only and not committed to file as far as I can remember.


Actually there's an easier way to do this as we often get customers entering wrong passwords etc

Firstly make sure the reason why their ip is being blocked for anti-hammering in the beginning is fixed and then change the block time to 1 second, save the settings then go back and change the block time back to normal.

As soon as that 1 second is reached they can access again and you simply just put the original values back after saving.
waterman34
 
Posts: 57
Joined: Thu Sep 27, 2007 11:33 am

Re: antihammering ?

Postby Jack » Wed May 14, 2008 10:37 pm

waterman34 wrote:
chris wrote:In the general settings are the anti-hammering main values. The Block Time (30 mins by default) is the value that shows for how long an IP will be blocked once it triggers the anti-hammering Max Failed Login Attempts (5 by default) limit. Restarting the application will probably also reset this list as it is stored in memory only and not committed to file as far as I can remember.


Actually there's an easier way to do this as we often get customers entering wrong passwords etc

Firstly make sure the reason why their ip is being blocked for anti-hammering in the beginning is fixed and then change the block time to 1 second, save the settings then go back and change the block time back to normal.

As soon as that 1 second is reached they can access again and you simply just put the original values back after saving.



This sounds like the best way to do it since I don't want to restart the application. That would kick everyone out.

Thanks, Jack
Jack
 
Posts: 48
Joined: Wed Sep 19, 2007 5:47 am


Return to General

Who is online

Users browsing this forum: Google [Bot] and 14 guests

cron