View Issue Details

Related ChangesetsJump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
14043User patchesSecuritypublic2018-09-10 15:262019-12-02 12:16
Reporterjweberhofer Assigned Toc_schmitz  
PrioritynoneSeveritytweak 
Status closedResolutionfixed 
Product Version 
Target VersionFixed in Version 
Summary14043: Improvement in IP blocking after failed login attempts
Description
  • Currently IP locks never get released. Therefore a single false login trial blocks a IP address for 10 minutes.
  • IP-Blocks should get updated while blocked: This causes a user how re-tries login too early to get blocked for another 10 minutes
TagsNo tags attached.
Complete LimeSurvey version number (& build)3.14.8+180829

Activities

jweberhofer

jweberhofer

2018-09-10 15:27

reporter   ~49003

A pull request 1116 has been created on github.
c_schmitz

c_schmitz

2019-11-19 16:13

administrator   ~54695

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=29264
lime_release_bot

lime_release_bot

2019-12-02 12:16

administrator   ~54901

Fixed in Release 3.21.0+191203

Related Changesets

LimeSurvey: master 1bd2f1bb

2019-11-19 16:13:20

jweberhofer


Committer: c_schmitz Details Diff 		Fixed issue 14043: Improvement in IP blocking after failed login attempts

* Improved blocking of failed login-attempts

Record new attempts only when IP is not already blocked. This prevents endless blocking if user occasionally tries to login again.

* Reset failed login counter after sucessful login

and remove a line of dead code		 Affected Issues
14043
mod - application/core/LSUserIdentity.php Diff File
mod - application/models/FailedLoginAttempt.php Diff File

Issue History

Date Modified Username Field Change
2018-09-10 15:26 jweberhofer New Issue
2018-09-10 15:27 jweberhofer Note Added: 49003
2019-11-19 16:13 c_schmitz Changeset attached => LimeSurvey master 1bd2f1bb
2019-11-19 16:13 c_schmitz Note Added: 54695
2019-11-19 16:13 c_schmitz Assigned To => c_schmitz
2019-11-19 16:13 c_schmitz Resolution open => fixed
2019-12-02 12:16 lime_release_bot Note Added: 54901
2019-12-02 12:16 lime_release_bot Status new => closed