Ban IP on "administrator" login attempt

[HiVolt]

I have a lot of random IP's hammering my FTP site with the username "administrator" and trying various logins.

Of course I don't have such a username. The anti hammer feature only bans the IP temporarily, not permanently.

Is there a way to permanently ban an IP on the first "administrator" user login attempt?

Thanks.

[FTP]

OK, you just need to add the following scripts into the Event "OnExceedUSERPASS":

Code: Select all

local tabIPMask = c_GetIPMaskList("%Domain")
table.insert(tabIPMask,{"%IP",true})

local tabIPMask_new = {}
for _,IPMask in pairs(tabIPMask) do
      for k,v in pairs(IPMask) do
           if type(v) == "boolean" then
             if v == true then
               IPMask[k] = 1
             else
               IPMask[k] = 0
             end
           end
      end
      table.insert(tabIPMask_new,IPMask)
end

c_SetIPMaskList("%Domain",tabIPMask_new)

[HiVolt]

Thanks... But this is on any user attempt, correct? I'm only looking to do this only for a login attempt by a non existent user "administrator", and ban it right away.

[FTP]

You can't get the user name at that time, because he is not logged in.

I suggest you increase the number of failed login tries. Then random IP's hammering can be judged.