PostNuke

News

Security enhancement in design - RFC

Contributed by on Jan 31, 2002 - 12:26 PM

The mod would do the following:

1) Disable [userid] after [x] consecutive failed login attempts. Email [userid] and also [siteadmin]. The account can only be reactivated by an admin.

2) Add a new table to PN containing an access log: IP address, userid, timestamp and success/fail details. Add a new column to the user table recording the number of failed attempts since the last successful login.

3) Add the IP address + timestamp to the syslog every time there is a successful or unsuccessful login attempt. Increment the counter on a failed attempt, set it to 0 on success. Log the IP address to a 'blacklist' table on failure.

4) After [x] failed attempts from a given IP address within a given period, blacklist the IP. Mod index.php (or modload?) to check whether the requesting IP is blacklisted and, if so, redirect to a new screen which says that the IP has been blacklisted and explains how, if this is not valid, to get the sysadmin to unlock it.

5) Would also require an admin option to manage blacklisted users and IPs and to re-enable them.

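The five steps above describe one mechanism: a per-account failure counter with admin-only reactivation, an access log keyed by IP and userid, and a sliding-window IP blacklist checked before anything else. The following is an added worked example of that design, not PostNuke code; it is written in Python over an in-memory SQLite database rather than PostNuke's PHP and DB layer so it runs stand-alone. Table names (pn_users, pn_access_log, pn_ip_blacklist), the thresholds, the admin address and the notifications list that stands in for the emails are all assumptions of this example; the post leaves [x] and the period as parameters.

```python
import hashlib
import hmac
import os
import sqlite3

# Assumed thresholds; the post leaves [x] and the period as tunables.
MAX_USER_FAILURES = 3      # step 1: disable the account after this many failures
MAX_IP_FAILURES = 5        # step 4: blacklist the IP after this many failures ...
IP_WINDOW_SECONDS = 600    # ... within this many seconds
ADMIN_EMAIL = "siteadmin@example.org"   # assumed [siteadmin] address

# Assumed table names; the columns follow steps 2 and 3 of the proposal.
SCHEMA = """
CREATE TABLE pn_users (
    uid INTEGER PRIMARY KEY,
    uname TEXT UNIQUE NOT NULL,
    salt BLOB NOT NULL,
    pass_hash BLOB NOT NULL,
    failed_attempts INTEGER NOT NULL DEFAULT 0,   -- failures since last successful login
    disabled INTEGER NOT NULL DEFAULT 0
);
CREATE TABLE pn_access_log (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    ts INTEGER NOT NULL, ip TEXT NOT NULL, uid INTEGER, success INTEGER NOT NULL
);
CREATE TABLE pn_ip_blacklist (ip TEXT PRIMARY KEY, ts INTEGER NOT NULL);
"""


class LoginGuard:
    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.executescript(SCHEMA)
        self.notifications = []   # (recipient, message) pairs; stands in for email

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register_user(self, uname, password):
        salt = os.urandom(16)
        self.db.execute("INSERT INTO pn_users (uname, salt, pass_hash) VALUES (?, ?, ?)",
                        (uname, salt, self._hash(password, salt)))

    def _log(self, ts, ip, uid, success):
        # Step 3: every attempt, successful or not, goes to the access log.
        self.db.execute("INSERT INTO pn_access_log (ts, ip, uid, success) VALUES (?, ?, ?, ?)",
                        (ts, ip, uid, int(success)))

    def ip_failures_in_window(self, ip, now):
        row = self.db.execute(
            "SELECT COUNT(*) FROM pn_access_log WHERE ip = ? AND success = 0 AND ts > ?",
            (ip, now - IP_WINDOW_SECONDS)).fetchone()
        return row[0]

    def is_ip_blacklisted(self, ip):
        return self.db.execute(
            "SELECT 1 FROM pn_ip_blacklist WHERE ip = ?", (ip,)).fetchone() is not None

    def _record_failure(self, ip, uid, now):
        self._log(now, ip, uid, False)
        # Step 4: only failures inside the window count towards the IP blacklist.
        if self.ip_failures_in_window(ip, now) >= MAX_IP_FAILURES:
            self.db.execute("INSERT OR IGNORE INTO pn_ip_blacklist (ip, ts) VALUES (?, ?)", (ip, now))
            self.notifications.append((ADMIN_EMAIL, f"IP {ip} blacklisted"))

    def login(self, uname, password, ip, now):
        # Step 4: the blacklist check runs before any user lookup (the index.php hook).
        if self.is_ip_blacklisted(ip):
            return "ip_blacklisted"
        row = self.db.execute(
            "SELECT uid, salt, pass_hash, failed_attempts, disabled FROM pn_users WHERE uname = ?",
            (uname,)).fetchone()
        if row is None:
            # Unknown user: counted against the IP, but the response is the same as a bad password.
            self._record_failure(ip, None, now)
            return "bad_credentials"
        uid, salt, pass_hash, failed, disabled = row
        if disabled:
            self._record_failure(ip, uid, now)
            return "account_disabled"
        if hmac.compare_digest(self._hash(password, salt), pass_hash):
            self.db.execute("UPDATE pn_users SET failed_attempts = 0 WHERE uid = ?", (uid,))
            self._log(now, ip, uid, True)
            return "ok"
        failed += 1
        # Step 1: disable the account once the counter reaches [x]; only an admin can re-enable it.
        self.db.execute("UPDATE pn_users SET failed_attempts = ?, disabled = ? WHERE uid = ?",
                        (failed, int(failed >= MAX_USER_FAILURES), uid))
        if failed >= MAX_USER_FAILURES:
            self.notifications.append((uname, "account disabled after repeated failed logins"))
            self.notifications.append((ADMIN_EMAIL, f"account {uname} disabled"))
        self._record_failure(ip, uid, now)
        return "bad_credentials"

    # Step 5: admin operations to re-enable a user or an IP.
    def admin_unlock_user(self, uname):
        self.db.execute("UPDATE pn_users SET failed_attempts = 0, disabled = 0 WHERE uname = ?", (uname,))

    def admin_unblacklist_ip(self, ip):
        self.db.execute("DELETE FROM pn_ip_blacklist WHERE ip = ?", (ip,))

    def user_state(self, uname):
        return self.db.execute(
            "SELECT failed_attempts, disabled FROM pn_users WHERE uname = ?", (uname,)).fetchone()
```

Two design points worth keeping in mind with this scheme: an unknown username is answered exactly like a wrong password so the login page does not confirm which accounts exist, and the IP count is taken from the access log with a time window rather than from a per-IP counter, so old failures age out on their own. The caveats are the usual ones for lockouts: disabling an account after [x] failures lets anyone who knows a username lock that user out, and blacklisting an IP affects everyone behind the same NAT or proxy, so the admin re-enable screen in step 5 is part of the design, not an afterthought.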
Last, but not least, it would be nice if (a) we removed the login blocks from the main page and (b) had a parameter to indicate that the redirect to user.php should only use https:// so that all logins are conducted securely.

Any thoughts guys.....