mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-22 06:30:59 +01:00
* Admin: white-list IP addresses from blocking or set higher number of attempts
This commit is contained in:
parent
0121d50c30
commit
bf2de7f653
@ -220,6 +220,11 @@
|
||||
<description value="After how many unsuccessful attempts to login, an IP should be blocked (default 15) ?" label="%s:"/>
|
||||
<textbox id="newsettings[num_unsuccessful_ip]" size="5"/>
|
||||
</row>
|
||||
<row>
|
||||
<description value="Comma-separated IP addresses white-listed from above blocking (:optional number of attempts)"/>
|
||||
<textbox id="newsettings[unsuccessful_ip_whitelist]" size="64" blur="X.X.X.X[:N], ..."
|
||||
validator="/^(\\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(:\d+)?,? *)*$/"/>
|
||||
</row>
|
||||
<row>
|
||||
<description value="How many minutes should an account or IP be blocked (default 1) ?" label="%s:"/>
|
||||
<textbox id="newsettings[block_time]" size="5"/>
|
||||
|
@ -808,8 +808,24 @@ class Session
|
||||
$false_ip += Cache::getInstance(__CLASS__, self::FALSE_IP_CACHE_PREFIX.$ip);
|
||||
$false_id += Cache::getInstance(__CLASS__, self::FALSE_ID_CACHE_PREFIX.$login);
|
||||
|
||||
$blocked = $false_ip > $GLOBALS['egw_info']['server']['num_unsuccessful_ip'] ||
|
||||
$false_id > $GLOBALS['egw_info']['server']['num_unsuccessful_id'];
|
||||
// if IP matches one in the (comma-separated) whitelist
|
||||
// --> check with whitelists optional number (none means never block)
|
||||
$matches = null;
|
||||
if (!empty($GLOBALS['egw_info']['server']['unsuccessful_ip_whitelist']) &&
|
||||
preg_match_all('/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(:\d+)?/',
|
||||
$GLOBALS['egw_info']['server']['unsuccessful_ip_whitelist'], $matches) &&
|
||||
($key=array_search($ip, $matches[1])) !== false)
|
||||
{
|
||||
$blocked = !empty($matches[3][$key]) && $false_ip > $matches[3][$key];
|
||||
}
|
||||
else // else check with general number
|
||||
{
|
||||
$blocked = $false_ip > $GLOBALS['egw_info']['server']['num_unsuccessful_ip'];
|
||||
}
|
||||
if (!$blocked)
|
||||
{
|
||||
$blocked = $false_id > $GLOBALS['egw_info']['server']['num_unsuccessful_id'];
|
||||
}
|
||||
//error_log(__METHOD__."('$login', '$ip') false_ip=$false_ip, false_id=$false_id --> blocked=".array2string($blocked));
|
||||
|
||||
if ($blocked && $GLOBALS['egw_info']['server']['admin_mails'] &&
|
||||
|
Loading…
Reference in New Issue
Block a user