[TYPO3-core] Brute force protection for TYPO3 backend
Marcus Krause
marcus.krause at typo3.org
Sun Sep 22 14:18:55 CEST 2013
Hi Torben,
Am 22.09.2013, 07:27 Uhr, schrieb Torben Hansen <hansen at skyfillers.com>:
> Hi all,
>
> brute force attacks to TYPO3 backends increased the last weeks, so I
> created a patch which internally blacklists the remote IP address for a
> given time, if there are too many authentication failures from a remote
> host.
>
> http://forge.typo3.org/issues/52170
>
> The attached patch is not completely finished, but I would like to hear
> some feedback from the core developers, if this approach is something
> that could make it to the core of the next LTS.
thank you for working on this topic. I'd like to have something like this
in the Core. So please go on.
However I have oulined a few issues on the current patchset which IMHO
should be taken care of.
Thanks again for your contribution,
cheers Marcus.
PS: Greetings from PHPunconference and Stefano, who is sitting next to me
right now. ;-)
--
Marcus Krause
TYPO3 Security Team
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-team-core
mailing list