Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Mitigate brute force attacks on login page
Mitigate brute force attacks on login page
  • El Forum
    Unregistered
  •  
#4
04-20-2012, 05:15 AM

[eluser]PhilTem[/eluser]
In case you add the sleep command to your code, the server isn't released from work since it's only sleeping and still processing the PHP interpreter's actions - which, in fact, is waiting. So there's still load on your server. It's really better to block IPs after too many wrong credentials.

Blocking IPs is really easy, since you already have a controller for the login page. Just add a check for any rows in your failed-logins-table where the IP matches and the record is not older than, let's say, 24h. If you find no rows the login form may be displayed, otherwise simply redirect to some other page of your desire.


Messages In This Thread
Mitigate brute force attacks on login page - by El Forum - 04-19-2012, 08:59 PM
Mitigate brute force attacks on login page - by El Forum - 04-19-2012, 11:47 PM
Mitigate brute force attacks on login page - by El Forum - 04-20-2012, 04:42 AM
Mitigate brute force attacks on login page - by El Forum - 04-20-2012, 05:15 AM
Mitigate brute force attacks on login page - by El Forum - 04-20-2012, 10:26 AM
Mitigate brute force attacks on login page - by El Forum - 04-20-2012, 10:50 AM
Mitigate brute force attacks on login page - by El Forum - 04-20-2012, 10:55 AM
Mitigate brute force attacks on login page - by El Forum - 04-20-2012, 12:11 PM
Mitigate brute force attacks on login page - by El Forum - 04-20-2012, 12:39 PM
Mitigate brute force attacks on login page - by El Forum - 04-20-2012, 03:24 PM
Mitigate brute force attacks on login page - by El Forum - 04-22-2012, 09:40 AM
Mitigate brute force attacks on login page - by El Forum - 04-22-2012, 11:53 AM
Mitigate brute force attacks on login page - by El Forum - 04-22-2012, 12:23 PM
Mitigate brute force attacks on login page - by El Forum - 04-22-2012, 01:09 PM
Mitigate brute force attacks on login page - by El Forum - 04-22-2012, 11:41 PM
Mitigate brute force attacks on login page - by El Forum - 04-23-2012, 02:45 AM
Mitigate brute force attacks on login page - by El Forum - 04-25-2012, 07:34 PM
Mitigate brute force attacks on login page - by El Forum - 04-25-2012, 07:42 PM
Mitigate brute force attacks on login page - by El Forum - 04-25-2012, 07:47 PM



Theme © iAndrew 2016 - Forum software by © MyBB