Thread: Administrative and Maintenance Tools - Mail Admin When fail to login to admincp V2
View Single Post
  #91  
Old 07-25-2012, 01:32 PM
Orfalopi Orfalopi is offline
 
Join Date: May 2012
Posts: 3
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Hi Ali

No problem and thanks for the response.
Meanwhile, I've managed to install the plugin.
(Just a small oversight on my part, which made that it didn't worked at first.)
Now it works perfectly on 4.1.12

Quote:
Originally Posted by Christian_ View Post
Thank you very much for the plugin, however I do have a question. Is it only my impression or does this plugin bypass the 5 strikes protection feature? If I try to login with wrong admin credentials at the top bar of the forum, I was able to enter passwords more than 5 times. I was always shown the predefined website that says my IP address was logged and sent to the admins, which is perfectly OK. I also received a mail every time the login attempt failed. But I'm not sure whether the 5 strikes protection mechanism is still in effect, since I wasn't shown this page.
I've noticed this too.
If I, lets say, enter 7 times in succession a wrong password for the Admin,
then I receive 7 messages in my mailbox.
So far so good.
But, when I look at the _strikes table in my database, I see no record of this event,
which means that the waiting time of 15 minutes after 5 incorrect login attempts is circumvented.
When a cracker tries to break in with password-cracking software,
the mailbox will be flooded with messages.
Because there is no restriction on the number of login attempts, the cracker can continue to enter passwords without delay.
Maybe you can implement something, with which the 5 times (failed) login limit is preserved.

Otherwise, a great plugin
Good work :up:

Orfalopi
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01073 seconds
  • Memory Usage 1,765KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete