Ban IP on "administrator" login attempt

Post here if you have some suggestions or you want to request a new feature.

Ban IP on "administrator" login attempt

Postby HiVolt » Mon Jun 11, 2012 1:30 pm

I have a lot of random IP's hammering my FTP site with the username "administrator" and trying various logins.

Of course I don't have such a username. The anti hammer feature only bans the IP temporarily, not permanently.

Is there a way to permanently ban an IP on the first "administrator" user login attempt?

Thanks.
HiVolt
 
posts 9
 
joined Sat Mar 10, 2012 11:17 pm

Re: Ban IP on "administrator" login attempt

Postby FTP » Tue Jun 12, 2012 2:54 am

OK, you just need to add the following scripts into the Event "OnExceedUSERPASS":


Code: Select all
local tabIPMask = c_GetIPMaskList("%Domain")
table.insert(tabIPMask,{"%IP",true})

local tabIPMask_new = {}
for _,IPMask in pairs(tabIPMask) do
      for k,v in pairs(IPMask) do
           if type(v) == "boolean" then
             if v == true then
               IPMask[k] = 1
             else
               IPMask[k] = 0
             end
           end
      end
      table.insert(tabIPMask_new,IPMask)
end

c_SetIPMaskList("%Domain",tabIPMask_new)
FTP
Site Admin
 
posts 1236
 
joined Tue Sep 29, 2009 6:09 am

Re: Ban IP on "administrator" login attempt

Postby HiVolt » Tue Jun 12, 2012 1:43 pm

Thanks... But this is on any user attempt, correct? I'm only looking to do this only for a login attempt by a non existent user "administrator", and ban it right away.
HiVolt
 
posts 9
 
joined Sat Mar 10, 2012 11:17 pm

Re: Ban IP on "administrator" login attempt

Postby FTP » Tue Jun 12, 2012 3:48 pm

You can't get the user name at that time, because he is not logged in.

I suggest you increase the number of failed login tries. Then random IP's hammering can be judged.
FTP
Site Admin
 
posts 1236
 
joined Tue Sep 29, 2009 6:09 am


Return to Suggestions & Wishlist

Who is online

Users browsing this forum: No registered users and 1 guest

cron