mirror of
https://github.com/phpbb/phpbb.git
synced 2025-07-28 12:30:42 +02:00
[ticket/9992] Adding a limit on login attempts per IP.
A new table was created to save all failed login attempts with corresponding information on username, ip and useragent. By default the limit is 50 login attempts within 6 hours per IP. The limit is relatively high to avoid big problems on sites behind a reverse proxy that don't receive the forwarded-for value as REMOTE_ADDR but see all users as coming from the same IP address. But if these users run into problems a special forwarded-for option is available to limit logins by forwarded-for value instead of ip. PHPBB3-9992
This commit is contained in:
@@ -1207,6 +1207,26 @@ function get_schema_struct()
|
||||
),
|
||||
);
|
||||
|
||||
$schema_data['phpbb_login_attempts'] = array(
|
||||
'COLUMNS' => array(
|
||||
'attempt_id' => array('UINT', NULL, 'auto_increment'),
|
||||
'attempt_ip' => array('VCHAR:40', ''),
|
||||
'attempt_browser' => array('VCHAR:150', ''),
|
||||
'attempt_forwarded_for' => array('VCHAR:255', ''),
|
||||
'attempt_time' => array('TIMESTAMP', 0),
|
||||
'user_id' => array('UINT', 0),
|
||||
'username' => array('VCHAR_UNI:255', 0),
|
||||
'username_clean' => array('VCHAR_CI', 0),
|
||||
),
|
||||
'PRIMARY_KEY' => 'attempt_id',
|
||||
'KEYS' => array(
|
||||
'attempt_ip' => array('INDEX', array('attempt_ip', 'attempt_time')),
|
||||
'attempt_forwarded_for' => array('INDEX', array('attempt_forwarded_for', 'attempt_time')),
|
||||
'attempt_time' => array('INDEX', array('attempt_time')),
|
||||
'user_id' => array('INDEX', 'user_id'),
|
||||
),
|
||||
);
|
||||
|
||||
$schema_data['phpbb_moderator_cache'] = array(
|
||||
'COLUMNS' => array(
|
||||
'forum_id' => array('UINT', 0),
|
||||
|
Reference in New Issue
Block a user