diff options
| author | Nils Adermann <naderman@naderman.de> | 2011-06-10 12:02:59 +0200 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2011-06-10 12:18:19 +0200 |
| commit | 2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63 (patch) | |
| tree | 3c50ada87cc79e7488cb68a57d52dd3494d985ed /phpBB/language/en/acp | |
| parent | fc9b12669145f72414eb45bbb73860099c6cecef (diff) | |
| download | forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar.gz forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar.bz2 forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar.xz forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.zip | |
[ticket/9992] Adding a limit on login attempts per IP.
A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.
PHPBB3-9992
Diffstat (limited to 'phpBB/language/en/acp')
| -rw-r--r-- | phpBB/language/en/acp/board.php | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 3a63e72b8f..5d6930ce98 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -458,12 +458,18 @@ $lang = array_merge($lang, array( 'FORM_TIME_MAX_EXPLAIN' => 'The time a user has to submit a form. Use -1 to disable. Note that a form might become invalid if the session expires, regardless of this setting.', 'FORM_SID_GUESTS' => 'Tie forms to guest sessions', 'FORM_SID_GUESTS_EXPLAIN' => 'If enabled, the form token issued to guests will be session-exclusive. This can cause problems with some ISPs.', - 'FORWARDED_FOR_VALID' => 'Validated <var>X_FORWARDED_FOR</var> header', + 'FORWARDED_FOR_VALID' => 'Validate <var>X_FORWARDED_FOR</var> header', 'FORWARDED_FOR_VALID_EXPLAIN' => 'Sessions will only be continued if the sent <var>X_FORWARDED_FOR</var> header equals the one sent with the previous request. Bans will be checked against IPs in <var>X_FORWARDED_FOR</var> too.', 'IP_VALID' => 'Session IP validation', 'IP_VALID_EXPLAIN' => 'Determines how much of the users IP is used to validate a session; <samp>All</samp> compares the complete address, <samp>A.B.C</samp> the first x.x.x, <samp>A.B</samp> the first x.x, <samp>None</samp> disables checking. On IPv6 addresses <samp>A.B.C</samp> compares the first 4 blocks and <samp>A.B</samp> the first 3 blocks.', - 'MAX_LOGIN_ATTEMPTS' => 'Maximum number of login attempts', - 'MAX_LOGIN_ATTEMPTS_EXPLAIN' => 'After this number of failed logins the user needs to additionally solve the anti-spambot task.', + 'IP_LOGIN_LIMIT_MAX' => 'Maximum number of login attempts per IP address', + 'IP_LOGIN_LIMIT_MAX_EXPLAIN' => 'Once the count of failed logins from an IP address exceeds this limit any login from the IP address requires solving an anti-spambot task. Select 0 to disable the limit, so that no tasks need to be solved.', + 'IP_LOGIN_LIMIT_TIME' => 'IP address login attempt expiration time', + 'IP_LOGIN_LIMIT_TIME_EXPLAIN' => 'Login attempts expire after this period, in seconds.', + 'IP_LOGIN_LIMIT_USE_FORWARDED' => 'Limit login attempts by <var>X_FORWARDED_FOR</var> header', + 'IP_LOGIN_LIMIT_USE_FORWARDED_EXPLAIN' => 'Instead of limiting login attempts by IP address they are limited by <var>X_FORWARDED_FOR</var> values. <br /><em><strong>Warning:</strong> Only enable this if you are operating a proxy server that sets <var>X_FORWARDED_FOR</var> to trustworthy values.</em>', + 'MAX_LOGIN_ATTEMPTS' => 'Maximum number of login attempts per username', + 'MAX_LOGIN_ATTEMPTS_EXPLAIN' => 'Logging into a user account requires solving an anti-spambot task after the count of failed logins for the account exceeds this limit ', 'NO_IP_VALIDATION' => 'None', 'NO_REF_VALIDATION' => 'None', 'PASSWORD_TYPE' => 'Password complexity', |