Web configurator auto-lockout?



  • Against bots who try to brute-force their way in through ssh, we have this nice little feature that a host gets blocked after a certain number of failed login attempts.

    Is there a similar mechanism for the web interface?



  • @rcfa:

    Is there a similar mechanism for the web interface?

    Check blocked ips on diagnostics -> table -> webconfiguratorlockout



  • @marcelloc:

    @rcfa:

    Is there a similar mechanism for the web interface?

    Check blocked ips on diagnostics -> table -> webconfiguratorlockout

    There's nothing there…

    So I take it, the answer is yes, except nobody has triggered it yet?
    If so, good!



  • Web interface has done the same since 2.0 betas.



  • @cmb:

    Web interface has done the same since 2.0 betas.

    Cool, that's all I needed to know…
    ...makes me a bit less paranoid about keeping the interface open to https access from the WAN side :)


Locked