extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-12-26 16:48:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

use better defaults for some egw_info server values (num_unsuccessful_id, num_unsuccessful_ip, block_time)

Browse Source
This commit is contained in:
Klaus Leithoff 2012-11-29 11:13:58 +00:00
parent b0e47a70f7
commit 6378d289ca
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
phpgwapi/inc/class.egw_session.inc.php
View File

@ -186,7 +186,7 @@ class egw_session
}
if (!isset($GLOBALS['egw_info']['server']['block_time']))
{
$GLOBALS['egw_info']['server']['block_time'] = 5; // default 5min
$GLOBALS['egw_info']['server']['block_time'] = 1; // default 1min, its enough to slow down brute force attacks
$save_rep = true;
}
if (!isset($GLOBALS['egw_info']['server']['num_unsuccessful_id']))
@ -196,7 +196,7 @@ class egw_session
}
if (!isset($GLOBALS['egw_info']['server']['num_unsuccessful_ip']))
{
$GLOBALS['egw_info']['server']['num_unsuccessful_ip'] = $GLOBALS['egw_info']['server']['num_unsuccessful_id']; // default same as for id
$GLOBALS['egw_info']['server']['num_unsuccessful_ip'] = $GLOBALS['egw_info']['server']['num_unsuccessful_id'] * 5; // default is 5 times as high as the id default; since accessing via proxy is quite common
$save_rep = true;
}
if (!isset($GLOBALS['egw_info']['server']['install_id']))
@ -246,6 +246,10 @@ class egw_session
*/
function __destruct()
{
//if (empty($GLOBALS['egw_info']['user']['passwd']) )//|| empty($this->appsession('password','phpgwapi'))
//{
// error_log('__destruct'.'~252'.'->'." REQUEST_URI".$_SERVER['REQUEST_URI']);
//}
self::encrypt($this->kp3);
}