Announcement

#1 2014-07-05 01:41:17

kyp_
Member
2013-06-17
84

Finding failed login attempts

Hello :)

So I was wondering, suppose someone would try and brute force my admin password. Is there a way
for me as admin to see or get notified if there were multiple failed login attempts?

Since "Crypto Captcha" can only be used for Registration/Commenting, I wouldnt know if someone was trying it already for weeks, right?

And I do like to IP-block these people the same way as over-enthusiastic crawlers.

o I do have a super-long extra incredible complicated password
o I dont have a user called "admin"

And is there a chance that my author name, which post images, is the same as the admin login name?
I dont have the author/uploader name shown (on the picture page) but I was still wondering if it is hidden as well ?


cheers
kyp




Piwigo version: 2.5.1
PHP version: 5.4.17
MySQL version: 5.5.36-cll


Cheers

Offline

 

#2 2014-07-05 07:10:12

mistic100
Former Piwigo Team
Lyon (FR)
2008-09-27
3271

Re: Finding failed login attempts

you could ask for an update of [extension by Charles2012] User Info Tracking

Offline

 

#3 2015-01-21 23:49:33

JAK
Member
2013-07-07
48

Re: Finding failed login attempts

For info, I wanted something like this too so out of interest, have installed the only version which was designed for Piwigo 2.4. It appears to be working fine in 2.7.3 apart from the link to a user's profile, which really is no big deal. If it falls over I'll report back.
Given security issues it must surely be worth formally updating this plug-in for 2.7.x

Edit: Seems it doesn't save changes to the default settings.

Last edited by JAK (2015-01-21 23:59:01)

Offline

 

Board footer

Powered by FluxBB

github twitter facebook google+ newsletter Donate Piwigo.org © 2002-2019 · Contact