pdpd Posted August 11, 2009
We note that CSF/LFD does not block brute force attempts at client logins to WHMCS. Does anyone have any advice on how to prevent brute force attacks on client logins?

quietfinn Posted August 11, 2009
> We note that CSF/LFD does not block brute force attempts at client logins to WHMCS. Does anyone have any advice on how to prevent brute force attacks on client logins?
WHMCS does that by itself, see CONFIGURATION -> General Settings -> Other -> Failed Login Ban Time.

pdpd Posted August 11, 2009
Thanks - we saw that already but it is for 'Admin' logins only. We want to protect the 'Client Area' login.

quietfinn Posted August 11, 2009
> Thanks - we saw that already but it is for 'Admin' logins only. We want to protect the 'Client Area' login.
Ok, thanks for telling... I thought it was for client logins also.

redrat Posted August 11, 2009
You are able to set a minimum password strength and, really, strong passwords are the only practical defence.

pdpd Posted August 11, 2009
> You are able to set a minimum password strength and, really, strong passwords are the only practical defence.
Well some kind of brute force detection is essential - otherwise an IP can repeatedly attempt to gain access. Surely there must be some solution - or some way of getting LFD to monitor this? Anyone have any ideas? Thank you!

redrat Posted August 11, 2009
You can always monitor your access logs in cPanel or whichever CP you use and should do anyway. You are also able to block IPs directly in WHMCS as well as via .htaccess. Your host provider should also offer some protection.

pdpd Posted August 11, 2009
This is all good info, but we want an automated way of doing this. We don't want to rely on monitoring logs. We have this for SSH, cPanel and other login areas, and WHMCS even has it for the admin area, but it is required for the client area too.

quietfinn Posted August 11, 2009
> We don't want to rely on monitoring logs.
I think the problem is that there is no log to monitor, is there?

pdpd Posted August 11, 2009
Could be. Although if WHMCS handles this on the admin side, can't be too difficult to implement on the client side?

redrat Posted August 11, 2009
As far as I know, only successful client logins are noted in the system and, at least I imagine so, it should be somehow possible to use action hooks in a script that could be used. However, I am not sure if failed attempts are picked up in the system. Successful ones are obviously too late. I'd be tempted to open a ticket here to get a definitive answer quickly. This is a very good question though and I'd love to know what can be achieved myself.
