added: IP ban mechanism (not finished yet -- we need a winix function to remove a ban)
now after some incorrect login attempts your IP can be banned or blocked (see new config variables) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
@@ -523,6 +523,68 @@ public:
|
||||
// each time zone is in a seperate space
|
||||
std::wstring time_zones_file;
|
||||
|
||||
// turn on the IP ban mechanizm
|
||||
// we have got three levels of bans (level 1, level 2, and the highest level 3)
|
||||
// default: true
|
||||
bool use_ban_list;
|
||||
|
||||
// the so called 'soft' max size
|
||||
// read below description for explanation
|
||||
// this is introduced to avoid deleting only one record from the ban list
|
||||
// default: 50000
|
||||
size_t ban_list_soft_max_size;
|
||||
|
||||
// this is the 'hard' max size of an IP's ban list
|
||||
// if there are more records than this value
|
||||
// then some of them will be removed (until the size will be ban_list_soft_max_size equal)
|
||||
// this value should be a little larger from ban_list_soft_max_size
|
||||
// default: 51000
|
||||
size_t ban_list_max_size;
|
||||
|
||||
// delay in seconds of the first level ban
|
||||
// default: 1800 (30 minutes)
|
||||
// it means withing the next 30 minutes you see only 'you are banned...' message on your webbrowser
|
||||
size_t ban_level_1_delay;
|
||||
|
||||
// delay in seconds of the second level ban
|
||||
// default: 86400 (24 hours)
|
||||
size_t ban_level_2_delay;
|
||||
|
||||
// delay in seconds of the third level ban
|
||||
// default: 604800 (7 days)
|
||||
size_t ban_level_3_delay;
|
||||
|
||||
// the minimum time in seconds which has to pass between the first GET request
|
||||
// (showing your the login form) and the second POST request (which sends the
|
||||
// login and password to the server)
|
||||
// if the time is shorter then the login attempt is treated as incorrect
|
||||
// (the same as if you provide incorrect user/password)
|
||||
// default: 2
|
||||
size_t incorrect_login_min_time_between_get_post;
|
||||
|
||||
// how many incorrect logins there must have been passed to display a captcha
|
||||
// next to the login form
|
||||
// default: 3
|
||||
size_t incorrect_login_captcha_treshold;
|
||||
|
||||
// the way how we prevent to login if there are too many incorrect login attempts
|
||||
// 0 - 'block logging' - do not show the login form in 'login' winix function
|
||||
// (instead a warning message will be printed)
|
||||
// 1 - add to ban list (warning: people from this IP will not be able to see your site and do anything)
|
||||
// default: 0
|
||||
int incorrect_login_cannot_login_mode;
|
||||
|
||||
// after how many incorrect login attempts we do the incorrect_login_cannot_login_mode action
|
||||
// default: 20
|
||||
size_t incorrect_login_cannot_login_treshold;
|
||||
|
||||
// used when incorrect_login_cannot_login_mode is zero
|
||||
// it is the time which should be passed to allow logging
|
||||
// default: 1800 (30 minutes)
|
||||
// if incorrect_login_cannot_login_mode is one then ban_level_X_delay times
|
||||
// will be taken accordingly
|
||||
size_t incorrect_login_cannot_login_delay;
|
||||
|
||||
|
||||
|
||||
Config();
|
||||
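Review bot: The required relation between `ban_list_max_size` and `ban_list_soft_max_size` is stated only in a comment ("should be a little larger"), and nothing in this hunk shows it being checked; if a site sets the soft size at or above the hard size, the trimming described here has no valid target. I would state the invariant as a rule, e.g. `// must be greater than ban_list_soft_max_size; other values are rejected when the config is read`, and enforce it where the defaults are assigned, which is outside this hunk (the class body starts and ends outside it too). The comments also do not say which records are dropped once the hard limit is reached; because dropping a still-active ban lifts it early, the selection rule deserves a line next to `ban_list_max_size`. Finally, `incorrect_login_cannot_login_mode` is an `int` documented for 0 and 1 only, so its comment should say what any other value does.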
|