Legacy Temporary IP Ban - Time based

Status
Not open for further replies.

wheezy

Customer
Hey guys. The major problem with this plugin is that attackers are now spoofing legitimate users IP addresses. Not sure HOW they are doing so, but they are.

SO, the result is that the attacker will attempt brute force with existing user IP address and it then bans the IP address.

Then, the real user comes to the site and they are banned.

The first few times this happened, I didn't think much of it. Now it is occurring every single day multiple times per day.

I think a time based IP ban to STOP the brute force attack would work great. Potentially, the real user could hit the site during that time frame, but that's still better than having to go in every day and clear out all the banned ips. Typically about 20 per day now.

It is to the point where I NEED this mod or will be forced to uninstall the plugin and look for a different solution.

Thanks for your consideration.
 
Upvote 0
This suggestion has been closed. Votes are no longer accepted.
The problem with that is that removing an IP address from the IP Ban setting in the AdminCP isn't easy.

It's certainly something we can take into consideration, but you would be better off using a low-level solution like the ConfigServer Firewall & Login Failure Daemon as it will be much more powerful than anything we could create.
 
Status
Not open for further replies.
Back
Top