Subsonic Forum

by **agegold** » Thu Mar 07, 2013 2:59 pm

I'm a SubSonic user who donated before.

Since few days ago, looks like someone tries to login to my SubSonic server so many times, with wrong password.

So I'd like to kindly request you to make a function which can block specific IP for about 4~5 hours when some user failed to login more than five times.

by **gurutech** » Thu Mar 07, 2013 9:45 pm

Block the IP address on your firewall/router.

by **agegold** » Fri Mar 08, 2013 5:13 am

I use firewall but ip always change

by **jol** » Fri Mar 08, 2013 10:36 pm

agegold wrote: Since few days ago, looks like someone tries to login to my SubSonic server so many times, with wrong password.

So I'd like to kindly request you to make a function which can block specific IP for about 4~5 hours when some user failed to login more than five times.

I don´t see the benefit to ban the IP address if the user cannot authenticate successfully anway. Or does it lock out a legitimate user (not sure whether subsonic does that, there are pros and cons) because you shared credentials back some time?
Best regards, jol

by **daneren2005** » Fri Mar 08, 2013 11:19 pm

Ip banning is to prevent brute forcing. Right you you could pretty easily write a script which could try the most common 2-3 million passwords in less then a day, giving you access to 99% of the accounts on a standard server.

Subsonic Forum

IP block or ban Function

IP block or ban Function

Re: IP block or ban Function

Re: IP block or ban Function

Re: IP block or ban Function

Re: IP block or ban Function

Who is online