Avatar

Temporarily blocked for logins (Change time limit?) (General)

by Auge ⌂ @, Tuesday, September 20, 2016, 15:05 (370 days ago) @ Magma

Hello

When you fail to login after the third attempt you get blocked for I think 5-10 minutes. Is there a way for admin to increase this time limit?

In the advanced settings page you can switch on and off this function with the setting temp_block_ip_after_repeated_failed_logins. On the other hand, there is no possibility to set the period. But you can set it in the code. There is only one place, where an IP is not saved in or read from the database but is deleted.

Open includes/login.inc.php and go – in the actual version 2.3.6.1 – to line 40. There is the only place, where the IP-entries are deleted from the database. There is the hardcoded lifetime period of banned IPs. Change the time (INTERVAL 10 MINUTE) in the WHERE-clause.

"DELETE FROM ".$db_settings['login_control_table']." WHERE time < (NOW()-INTERVAL 10 MINUTE)"

Tschö, Auge

--
further development of mlf1


Complete thread:

 RSS Feed of thread

powered by my little forum