[TYPO3-english] brute force attacks on backend
Peter Kühnlein
peter at function2form.net
Thu Sep 12 07:20:23 CEST 2013
On 12.09.2013 07:09, Stephan Bernhard wrote:
> @ peter
>
> On 12.09.2013 06:45, Peter Kühnlein wrote:
>
>> you might try to use the .htaccess with a
>>
>> Order deny,allow
>> Deny from all
>> Allow from IP(RANGE)
>>
>
> that's what i do since the attack began:
>
> Deny from (IP)
>
> this is easy, of course, and works seamlessly.
> unless the attacker changes his IPs more frequently.
>
> stephan

yep stephan,

but denying all and allowing only your own IPs for the backend would
keep the attacker out, even if they changed the IPs. just make sure the
rule matches the backend only.

alternatively, the install tool has a section in [BE] called
[IPmaskList], which might be of help.

quote: "String: Lets you define a list of IP-numbers (with *-wildcards)
that are the ONLY ones allowed access to ANY backend activity. On error
an error header is sent and the script exits. Works like IP masking for
users configurable through TSconfig. See syntax for that (or look up
syntax for the function t3lib_div::cmpIP())"

cheers,
peter
--
http://function2form.net
http://peter-kuehnlein.net
"Matters of small concern should be treated seriously."
(Hagakure)
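
Added example, not part of the original thread: the denylist and allowlist approaches discussed above, written out as a complete .htaccess. It assumes the file is placed in the `typo3/` backend directory so that the rule matches the backend only; the IP addresses are constructed placeholders.

```apache
# typo3/.htaccess
# Assumed location: the TYPO3 backend directory, so the frontend in the
# site root is not covered by these rules.
# 203.0.113.0/24 and 198.51.100.17 are constructed placeholder addresses.

# Denylist, as tried in the thread: it only blocks addresses already seen,
# so it stops helping once the attacker rotates source IPs.
#   Deny from (IP)

# Allowlist, Apache 2.2 syntax (mod_authz_host), as suggested in the thread.
# Deny is evaluated first, then Allow overrides it for the listed sources.
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
    Allow from 203.0.113.0/24
    Allow from 198.51.100.17
</IfModule>

# The same allowlist in Apache 2.4 syntax (mod_authz_core).
<IfModule mod_authz_core.c>
    Require ip 203.0.113.0/24 198.51.100.17
</IfModule>
```

The server configuration must permit these directives in .htaccess (`AllowOverride Limit` for the 2.2 form, `AllowOverride AuthConfig` for the 2.4 form). If the frontend loads static files from below `typo3/`, those requests are restricted as well, so check the public site after enabling it.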