You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As far as I know, OM doesn't have a mechanism by which all failed authentications in Frontend and Backend are recorded in a file, for example a file named auth.log in Linux. If it had and there are grabbed IP's then it could automatically block an attacking address.
There is an open PR that limits failed authentications. I did not analyze it, but to record an IP in a file is important. An automatic or manual analysis of the file with failed authentications would reveal the attacks, especially on the Frontend side.
I use HoneySpam with an 85% success rate for subscribe to the newsletter (in the absence of using reCaptcha which visitors do not like for reasons of time). All collected addresses are automatically blocked for a period of 30 days.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
As far as I know, OM doesn't have a mechanism by which all failed authentications in Frontend and Backend are recorded in a file, for example a file named auth.log in Linux. If it had and there are grabbed IP's then it could automatically block an attacking address.
There is an open PR that limits failed authentications. I did not analyze it, but to record an IP in a file is important. An automatic or manual analysis of the file with failed authentications would reveal the attacks, especially on the Frontend side.
I use HoneySpam with an 85% success rate for subscribe to the newsletter (in the absence of using reCaptcha which visitors do not like for reasons of time). All collected addresses are automatically blocked for a period of 30 days.
Beta Was this translation helpful? Give feedback.
All reactions