Submitted by starr on Wed, 12/10/2014 - 09:22 Pro Licensee
How can I lock users after too many failed attempts to login?
Status:
Active
Web Hosting and Cloud Computing Control Panels
How can I lock users after too many failed attempts to login?
Comments
Submitted by andreychek on Wed, 12/10/2014 - 10:58 Comment #1
Howdy -- that's actually something that should occur automatically, though you may want to tweak the specifics being used.
You can configure it in Webmin -> Webmin -> Webmin Configuration -> Authentication. On that screen, you can set "Failed login blocks", which can block a host for N seconds after X failed login attempts.
Hi,
As another option, or to add additional protection to your system you can also look at the open source "OSSEC" intrusion detection system which amongst other great things will block users for a period of time if they fail to authenticate after a number of attempts.
We use OSSEC and have been able to sleep a lot better at night since we first deployed it, all while keeping hundreds of hackers at bay :-)
Best Regards,
Peter Knowles
TPN Solutions
Email: pknowles@tpnsolutions.com
Phone: 604-229-0715 (new)
Skype: tpnsupport
Website: http://www.tpnsolutions.com