Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auto temp ban for Admin (backend) #9397

Closed
nhlpl opened this issue Mar 15, 2021 · 0 comments
Closed

Auto temp ban for Admin (backend) #9397

nhlpl opened this issue Mar 15, 2021 · 0 comments
Assignees
@julianlam
Labels
enhancement
Milestone
3.0.0

Comments

@nhlpl
Copy link

nhlpl commented Mar 15, 2021

Issue?
It is possible to lock superadmin access to the Admin (backend).

Steps to reproduce?
Wait for /admin (backend) to log-out.
Provide wrong superadmin password for many times.
NodeBB locks access to the /admin for superadmin user.

Frontend still works and superadmin can post new topics and replies.
After logging-out superadmin both frontend and backed are locked.

What is expected?
A better control over automatic temp bans (for example showing them in the user info).
Logging-out frontend if temp ban being applied for admin user.
Not sure how it should work for superadmin (uid=1).

Hosted on Alpine Linux edge using Podman v3.0.1
NodeBB v1.17.0-beta.3 is run with Node.js v14.16.0
NodeBB SHA:6e8b1bb9ad9301258b0b061705450255532a78ee
Built with Nobbic v0.5.0
It uses:

  • nginx (docker.io/nginx:alpine)
    with NGINX_VERSION=1.19.8 NJS_VERSION=0.5.2
  • nodebb (localhost/nodebb:14.16.0-1.17.0-beta.3)
    with NODEBB_VERSION=1.17.0-beta.3 NODE_VERSION=14.16.0 YARN_VERSION=1.22.5
  • redis (docker.io/redis:6.2.1-alpine)
    with REDIS_VERSION=6.2.1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@julianlam julianlam

Labels
enhancement
Projects
None yet
Milestone
3.0.0
Development

No branches or pull requests
2 participants
@julianlam @nhlpl