[imp] Block IP
Filipe Azevedo
fazevedo at netmadeira.com
Fri Mar 27 10:23:31 UTC 2009
Hi,
I had the same issue, so I ended up developing a script to run
through the logs and match failed logins from the same IP during a given
time period. Whenever an IP address failed over a given amount of
logins, the script would generate a .htaccess file, thus preventing the
IP from accessing the site.
Note that this is just the basic concept of this mechanism, it would
be advisable to implement some kind of history and unblock mechanism,
because the thresholds will end up failing one way or another.
--
Best regards,
Filipe Azevedo
Jacky Chan wrote:
> Hi all,
>
> I am wondering whether Horde-IMP has this function for security concerns.
> I used IMP as Horde authentication application.
> But I logged there are plenty login failure record generated for IMP.
> And the username is obivously generated from dictionary.
> And the login retry period is so short from one IP that seems to be machine
> generated.
> That let me believe that I was under dictionary attack.
>
> I would like to ask IMP or Horde can deny the IP when number of login
> failure over certain limit in short range? Or Horde/IMP doesn't handle,
> please give me hints on this from third party.
>
> Thanks.
>
> Regards,
> Jacky
>
More information about the imp
mailing list