Version: 0.9, by kh99
Developer Last Online: Sep 2020
Category: Miscellaneous Hacks
Version: 4.2.2
Released: 03-18-2015
Last Update: Never
Installs: 14
Uses Plugins
Re-useable Code
Translations
Is in Beta Stage
No support by the author.
What is it?
----------------------------
This mod adds the option to disable user 'lockout' emails, which are sent after 5 failed attempts to log in to a user's account.
Note: I'm currently working on another mod that will add other login attempt notifications for admins.
Installation:
----------------------------
1) Import the product XML file from the Product Manager.
2) Go to Settings > Options > General Options and set "Enable User Lockout Email Notifications" as desired. If you want to allow some usergroups (such as admins) to continue to receive notifications for their own accounts, you can list the usergroupids (separated by commas) in the "Force Usergroup Lockout Email Notifications" option.
I have been getting (especially just of late) numerous failed login attempts on members' accounts, which seem to be all from crawlers ignoring our robots.txt.
This will put an end to that and hopefully stop members thinking their account is being hacked.
So glad that this mod was released, thank you kh99!
In just the past 4 weeks our forum has been hammered by bots in China trying to brute force our login page on anyone and everyone's accounts. They don't appear to be getting in, but it causes a panic by our members who start emailing the admins thinking their account has been hacked when they get the notice.
Super easy install, I'll monitor how well it works.
One option that would be really nice is to keep the notifications disabled being sent to the forum member's email address but have the login attempts CC'd to an administrator. That way admins can keep an eye on any bot / hack activity trying to log in unsuccessfully.
I started to add that, then decided it would be better to write records to a db table and send a summary, like once an hour. But of course I got sidetracked. Maybe I'll just go back and add an alternate email address.
The DB entries might be interesting for generating ban lists, etc.
Depending on how many invalid login attempts are going on, the email route could generate a lot of email traffic. However, if it's pretty quiet an occasional email would be just fine.
Still, some mechanism should be in place to keep admins aware if bots are constantly trying to log in, so that we can react accordingly (more IP bans, etc.).
Thank you again!
Well, I just saw your post in the dbtech product thread. Doesn't that take care of notifications?
I found the IPs the attacks seemed to be coming from were member IPs so I was banning my members when I was blocking them. Is it possible the attacks just fake IPs?
Yeah, we were talking about that on vbulletin.com, I think. I guess it's possible but I don't know enough about it to know how it's done. I mean, I know an IP packet could contain a fake source IP, but then whoever sent it isn't going to get a response, so I don't see how that helps someone guess passwords. Could be something else is going on there. Have you been in contact with any of those users so that you know they had nothing to do with it?
Hmm, well, I guess maybe someone spoofing IPs could blindly send the right packets to try a login, then use a different IP to see if the user is online. In that case I think the "HV on login" mod should stop that, if the HV is something that can't be guessed.
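
The hourly summary idea raised earlier in this thread, sketched as an added example (it is not part of the mod or of any post here): failed logins from the last hour are grouped by source IP, and IPs that members also log in from are marked for review rather than as ban candidates. The row layout, function names, the threshold of 5 and the sample data are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def hourly_digest(failures, member_ips, now, min_attempts=5):
    """Group the last hour's failed logins by source IP.

    failures: iterable of (datetime, ip, username) rows (hypothetical table layout).
    member_ips: IPs that members have successfully logged in from.
    """
    start = now - timedelta(hours=1)
    by_ip = defaultdict(lambda: {"attempts": 0, "usernames": set()})
    for when, ip, username in failures:
        if start <= when < now:
            by_ip[ip]["attempts"] += 1
            by_ip[ip]["usernames"].add(username)
    rows = []
    for ip, stats in by_ip.items():
        if stats["attempts"] < min_attempts:
            continue  # occasional typos stay out of the summary
        # An IP a member also uses may be a shared proxy or the member's own
        # machine, so it is marked for manual review instead of a ban.
        action = "review" if ip in member_ips else "ban-candidate"
        rows.append({"ip": ip, "attempts": stats["attempts"],
                     "usernames": sorted(stats["usernames"]), "action": action})
    return sorted(rows, key=lambda r: (-r["attempts"], r["ip"]))

def format_digest(rows, now):
    """Render one plain-text summary body; empty string means send nothing."""
    lines = [f"Failed logins in the hour before {now:%Y-%m-%d %H:%M}:"]
    for r in rows:
        lines.append(f"{r['ip']:<15} {r['attempts']:>4} attempts, "
                     f"{len(r['usernames'])} accounts, {r['action']}")
    return "\n".join(lines) if rows else ""

# Constructed sample data; IPs come from the RFC 5737 documentation ranges.
NOW = datetime(2015, 3, 20, 11, 0)
SAMPLE = (
    [(datetime(2015, 3, 20, 10, m), "203.0.113.7", f"user{m % 4}") for m in range(12)]
    + [(datetime(2015, 3, 20, 10, 30 + m), "198.51.100.20", "alice") for m in range(6)]
    + [(datetime(2015, 3, 20, 10, 45), "192.0.2.9", "bob")]      # single typo
    + [(datetime(2015, 3, 20, 9, 15), "203.0.113.7", "user1")]   # outside the window
)
MEMBER_IPS = {"198.51.100.20"}  # a member has logged in successfully from here

if __name__ == "__main__":
    print(format_digest(hourly_digest(SAMPLE, MEMBER_IPS, NOW), NOW))
```

A quiet hour produces an empty digest, so no email needs to be sent at all.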