
[Security Feature] Login Fail trace / Detect Brute Force Attacks #1937

Closed
ivanooov opened this issue Apr 4, 2017 · 0 comments


ivanooov commented Apr 4, 2017

Hi,

When I try to log in on DokuWiki, I can brute-force the login/password without any trace in apache2's logs, just code 200 OK, all right :))
Without a trace to detect login failures it's more difficult to detect brute-force attacks.

After line 223 (if(!$silent) msg($lang['badlogin'], -1);) in the inc/auth.php file, add the following:

    { header('HTTP/1.0 404 Not Found'); }

After this, if you use ossec on your dokuwiki/apache2 server, ossec can detect multiple 400-code errors on apache and so any brute force on your dokuwiki :))

Bye, folks!

Ivanov
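The detection the report is asking for, written out as an added example (not DokuWiki's, ossec's or the reporter's code): a sliding-window count of failed logins per client IP over Apache combined-format access log lines, keyed on the 403 status that the referenced fix returns on a bad login. It assumes that login attempts are POSTs to /doku.php (a hypothetical simplification of DokuWiki's login form); the log lines are constructed, and the "before" sample shows why a 200 on a bad login leaves nothing to alert on.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache "combined" access log line; only the fields used here are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Parse one access log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    return {"ip": m["ip"], "ts": datetime.strptime(m["ts"], TS_FMT),
            "method": m["method"], "path": m["path"], "status": int(m["status"])}

def find_bruteforce(lines, threshold=5, window=timedelta(minutes=2),
                    login_path="/doku.php", fail_statuses=(403,)):
    """Return {ip: max failed logins inside `window`} for IPs reaching `threshold`.
    Assumption (hypothetical): a failed login is a POST to `login_path` answered
    with one of `fail_statuses`; the fix referenced by this issue uses 403."""
    stamps_by_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if (rec and rec["method"] == "POST" and rec["status"] in fail_statuses
                and rec["path"].split("?")[0] == login_path):
            stamps_by_ip[rec["ip"]].append(rec["ts"])
    hits = {}
    for ip, stamps in stamps_by_ip.items():
        stamps.sort()
        start = 0
        for end in range(len(stamps)):  # sliding window over sorted timestamps
            while stamps[end] - stamps[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                hits[ip] = max(hits.get(ip, 0), end - start + 1)
    return hits

# Constructed sample: 203.0.113.5 fails six times in 30 s, 198.51.100.7 twice.
SAMPLE_AFTER_FIX = [
    f'203.0.113.5 - - [04/Apr/2017:10:00:{s:02d} +0000] "POST /doku.php HTTP/1.1" 403 512 "-" "curl/7.52"'
    for s in (1, 5, 9, 14, 20, 31)
] + [
    '198.51.100.7 - - [04/Apr/2017:10:00:10 +0000] "POST /doku.php HTTP/1.1" 403 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Apr/2017:10:01:10 +0000] "POST /doku.php HTTP/1.1" 403 512 "-" "Mozilla/5.0"',
]
# The same attempts as the reporter saw them before the fix: every bad login is a 200.
SAMPLE_BEFORE_FIX = [l.replace('" 403 ', '" 200 ') for l in SAMPLE_AFTER_FIX]
```

With the post-fix sample the function reports `{'203.0.113.5': 6}`; with the pre-fix sample it reports nothing, which is exactly the gap the issue describes.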

splitbrain added a commit that referenced this issue May 13, 2017
* master:
  fix error in config manager caused by changes visibility
  Continue if there are no attributes
  avoid dependency tests being marked as risky
  replaced some more each calls
  remove deprecated each() call
  test constructors need to call parent constructor
  use dataprovider in password tests
  removed deprecated blowfish class
  replace some var keywords
  translation update
  PassHash.class.php: in case of bcrypt, use the most recent variant $2y$
  translation update
  Fix Typo in remote API (#1938)
  translation update
  translation update
  translation update
  use 403 response on bad logins. closes #1937