Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Not a member yet? Click here to register.
Forgot Password?

Slow down brute force attackers on login.php

Asked Modified Viewed 6,879 times
W
Wanabo
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
  • Started this discussions
asked
Senior Member

This very simple mod uses the php sleep function. It slows down brute force attackers on login.php.
The delay only occurs when a wrong user/pass combination is given.
Correct login is not affected.

Read more: Slow down brute force attackers on login.php
0 replies

7 posts

P
PolarFox
P
  • Veteran Member, joined since
  • Contributed 1,633 posts on the community forums.
  • Started 29 threads in the forums
answered
Veteran Member

Also you may use capt-cha-cha-cha, even the simply one.
0 replies
W
Wanabo
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
  • Started this discussions
answered
Senior Member

Yeah I all ready walked that road some time ago. But I spent coding on it today again.

But just can't get the captcha to function right. No captcha input is necessary to continue. But it should.

I have updated code http://www.8.php-fusion.net/forum/viewthread.php?forum_id=74&thread_id=2587&pid=26675#post_26675 here.

You can test the login.php here, http://zeelandnet.gebruikers.eu/login.php
0 replies
P
PolarFox
P
  • Veteran Member, joined since
  • Contributed 1,633 posts on the community forums.
  • Started 29 threads in the forums
answered
Veteran Member

yep, captcha after the first login, a good plan.
0 replies
A
Ankur
A
Ankur 10
Hi! Its me, Ankur Thakur! smile
  • Veteran Member, joined since
  • Contributed 1,277 posts on the community forums.
  • Started 60 threads in the forums
answered
Veteran Member

hmm... something like what I've seen in Gmail... Good work wanabo... :)
0 replies
W
Wanabo
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
  • Started this discussions
answered
Senior Member

Thanks, but the captcha is not working.
Please take a look at the code at 8.php-fusion site. See link in post 3.
0 replies
G
Gillette
G
Gillette 10
  • Senior Member, joined since
  • Contributed 335 posts on the community forums.
  • Started 4 threads in the forums
answered
Senior Member

Very nice indeed.
Great work.
0 replies
A
Ankur
A
Ankur 10
Hi! Its me, Ankur Thakur! smile
  • Veteran Member, joined since
  • Contributed 1,277 posts on the community forums.
  • Started 60 threads in the forums
answered
Veteran Member

Quote

Wanabo wrote:

Thanks, but the captcha is not working.
Please take a look at the code at 8.php-fusion site. See link in post 3.


Here is the Code which you may include in your Mod. I wish that this will be helpful to you...

Implementing Captchas manually:

When Displaying Captcha for Validation :
[syntaxhighlighter brush=php,first-line=1,highlight=0,collapse=false,html-script=false]$_CAPTCHA_HIDE_INPUT = false;
ob_start();
include INCLUDES."captchas/".$settings['captcha']."/captcha_display.php";
$captcha_output = ob_get_contents();
ob_end_clean();

if (!$_CAPTCHA_HIDE_INPUT) {
echo $captcha_output; // Captcha Image
echo "<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />"; // Captcha Form
}[/syntaxhighlighter]

When validating Captcha :
[syntaxhighlighter brush=php,first-line=1,highlight=0,collapse=false,html-script=false]$_CAPTCHA_IS_VALID = false;
include INCLUDES."captchas/".$settings['captcha']."/captcha_check.php";
if ($_CAPTCHA_IS_VALID == true) {
// Show the Form to the User
}[/syntaxhighlighter]
0 replies

Labels

None yet

Statistics

  • Views 0 views
  • Posts 7 posts
  • Votes 0 votes
  • Topic users 4 members

4 participants

W
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
  • Started this discussions
P
P
  • Veteran Member, joined since
  • Contributed 1,633 posts on the community forums.
  • Started 29 threads in the forums
A
A
Ankur 10
Hi! Its me, Ankur Thakur! smile
  • Veteran Member, joined since
  • Contributed 1,277 posts on the community forums.
  • Started 60 threads in the forums
G
G
Gillette 10
  • Senior Member, joined since
  • Contributed 335 posts on the community forums.
  • Started 4 threads in the forums

Notifications

Track thread

You are not receiving notifications from this thread.

Related Questions

Not yet