diff options
author | Nils Adermann <naderman@naderman.de> | 2011-06-10 12:02:59 +0200 |
---|---|---|
committer | Nils Adermann <naderman@naderman.de> | 2011-06-10 12:18:19 +0200 |
commit | 2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63 (patch) | |
tree | 3c50ada87cc79e7488cb68a57d52dd3494d985ed /phpBB/install/schemas/oracle_schema.sql | |
parent | fc9b12669145f72414eb45bbb73860099c6cecef (diff) | |
download | forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar.gz forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar.bz2 forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar.xz forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.zip |
[ticket/9992] Adding a limit on login attempts per IP.
A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.
PHPBB3-9992
Diffstat (limited to 'phpBB/install/schemas/oracle_schema.sql')
-rw-r--r-- | phpBB/install/schemas/oracle_schema.sql | 43 |
1 files changed, 42 insertions, 1 deletions
diff --git a/phpBB/install/schemas/oracle_schema.sql b/phpBB/install/schemas/oracle_schema.sql index 9c25af2512..5a1e4930b2 100644 --- a/phpBB/install/schemas/oracle_schema.sql +++ b/phpBB/install/schemas/oracle_schema.sql @@ -1,6 +1,6 @@ /* - $Id$ + $Id: $ */ @@ -741,6 +741,47 @@ END; /* + Table: 'phpbb_login_attempts' +*/ +CREATE TABLE phpbb_login_attempts ( + attempt_id number(8) NOT NULL, + attempt_ip varchar2(40) DEFAULT '' , + attempt_browser varchar2(150) DEFAULT '' , + attempt_forwarded_for varchar2(255) DEFAULT '' , + attempt_time number(11) DEFAULT '0' NOT NULL, + user_id number(8) DEFAULT '0' NOT NULL, + username varchar2(765) DEFAULT '0' NOT NULL, + username_clean varchar2(255) DEFAULT '0' NOT NULL, + CONSTRAINT pk_phpbb_login_attempts PRIMARY KEY (attempt_id) +) +/ + +CREATE INDEX phpbb_login_attempts_attempt_ip ON phpbb_login_attempts (attempt_ip, attempt_time) +/ +CREATE INDEX phpbb_login_attempts_attempt_forwarded_for ON phpbb_login_attempts (attempt_forwarded_for, attempt_time) +/ +CREATE INDEX phpbb_login_attempts_attempt_time ON phpbb_login_attempts (attempt_time) +/ +CREATE INDEX phpbb_login_attempts_user_id ON phpbb_login_attempts (user_id) +/ + +CREATE SEQUENCE phpbb_login_attempts_seq +/ + +CREATE OR REPLACE TRIGGER t_phpbb_login_attempts +BEFORE INSERT ON phpbb_login_attempts +FOR EACH ROW WHEN ( + new.attempt_id IS NULL OR new.attempt_id = 0 +) +BEGIN + SELECT phpbb_login_attempts_seq.nextval + INTO :new.attempt_id + FROM dual; +END; +/ + + +/* Table: 'phpbb_moderator_cache' */ CREATE TABLE phpbb_moderator_cache ( |