From 2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Fri, 10 Jun 2011 12:02:59 +0200 Subject: [ticket/9992] Adding a limit on login attempts per IP. A new table was created to save all failed login attempts with corresponding information on username, ip and useragent. By default the limit is 50 login attempts within 6 hours per IP. The limit is relatively high to avoid big problems on sites behind a reverse proxy that don't receive the forwarded-for value as REMOTE_ADDR but see all users as coming from the same IP address. But if these users run into problems a special forwarded-for option is available to limit logins by forwarded-for value instead of ip. PHPBB3-9992 --- phpBB/install/schemas/schema_data.sql | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/install/schemas/schema_data.sql') diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index ea4157d6a3..08d6c18ee8 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -136,6 +136,9 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_max_thumb_widt INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_max_width', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_min_thumb_filesize', '12000'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('ip_check', '3'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('ip_login_limit_max', '50'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('ip_login_limit_time', '21600'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('ip_login_limit_use_forwarded', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_enable', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_host', ''); INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_password', ''); -- cgit v1.2.1