1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-28 12:30:42 +02:00

[ticket/9992] Adding a limit on login attempts per IP.

A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.

PHPBB3-9992
This commit is contained in:
Nils Adermann
2011-06-10 12:02:59 +02:00
parent fc9b126691
commit 2dee57fd43
17 changed files with 343 additions and 16 deletions

View File

@@ -1207,6 +1207,26 @@ function get_schema_struct()
),
);
$schema_data['phpbb_login_attempts'] = array(
'COLUMNS' => array(
'attempt_id' => array('UINT', NULL, 'auto_increment'),
'attempt_ip' => array('VCHAR:40', ''),
'attempt_browser' => array('VCHAR:150', ''),
'attempt_forwarded_for' => array('VCHAR:255', ''),
'attempt_time' => array('TIMESTAMP', 0),
'user_id' => array('UINT', 0),
'username' => array('VCHAR_UNI:255', 0),
'username_clean' => array('VCHAR_CI', 0),
),
'PRIMARY_KEY' => 'attempt_id',
'KEYS' => array(
'attempt_ip' => array('INDEX', array('attempt_ip', 'attempt_time')),
'attempt_forwarded_for' => array('INDEX', array('attempt_forwarded_for', 'attempt_time')),
'attempt_time' => array('INDEX', array('attempt_time')),
'user_id' => array('INDEX', 'user_id'),
),
);
$schema_data['phpbb_moderator_cache'] = array(
'COLUMNS' => array(
'forum_id' => array('UINT', 0),