Admin Tools

#23058 Different auto-ban rules for front and back end

Posted in ‘Admin Tools for Joomla! 4 & 5’

This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version

n/a

PHP version

n/a

Admin Tools version

n/a

Latest post by dlb on Thursday, 30 July 2015 22:42 CDT

Wednesday, 29 July 2015 15:52 CDT

kentmorrison

I sure tried to find this answer in the existing tickets, sorry if I missed it.

We have more problems with hackers trying to brute-force the /administrator login than the frontend logins.
Also, we have a lot of dumb users that often typo their passwords during front-end login attempts.

SO, I would like to set a strong rule (BAN after 2 attempts in 10 minutes) for the /administrator backend login

AND

a softer rule (BAN after 5 attempts in 1 hour) for the frontend login.

Is this possible ?

Thank you !
Super-satisfied customer
Kent

Wednesday, 29 July 2015 23:07 CDT

dlb

I'm sorry but we can't do that. The auto ban rules are the same for front end and back end. You need to make them loose enough that your "all thumbs" front end users don't get blocked out - too often.

You can use a secret parameter or password protect the back end to increase the protection there. And the attempts are being stopped, they are not likely to get in with more tries.

"Insanity: doing the same thing over and over again and expecting different results."

- Albert Einstein

Dale L. Brackin
Support Specialist

English: native

Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Thursday, 30 July 2015 18:13 CDT

kentmorrison

Thanks Dale !
Regards,
Kent

Thursday, 30 July 2015 22:42 CDT

dlb

You're welcome!