Reduce check time for recently banned IPs
Reduces the effect of getting the password wrong immediately after being unbanned gets you instantly banned again.
This commit is contained in:
parent
79a17a725d
commit
3f0ea7079a
16
defense.php
16
defense.php
@ -331,6 +331,16 @@ class defense extends rcube_plugin {
|
||||
|
||||
// Check if banned now that above record has been updated
|
||||
$rTime = (time() - $this->fail_reset); // How far to look back for failed logins
|
||||
// Check if last ban lifted was within rTime
|
||||
$row = $this->getPreviousBanData($this->ipaddr);
|
||||
if ($row) {
|
||||
$data = unserialize($row['data']);
|
||||
$banLifted = $row['epoch'] + $data['duration'];
|
||||
if ($rTime < $banLifted) {
|
||||
// If IP was unbanned recently, only check since it was unbanned
|
||||
$rTime = $banLifted;
|
||||
}
|
||||
}
|
||||
$query = sprintf("SELECT count(*) AS n FROM %s WHERE ipaddr = '%s' AND epoch >= %d", $this->db_table, $this->ipaddr, $rTime);
|
||||
$result = $this->rc->db->query($query);
|
||||
if (!$result) { $this->dbError($query); return false; }
|
||||
@ -368,9 +378,7 @@ class defense extends rcube_plugin {
|
||||
$this->debug($query . " [" . $result->rowCount() . "]");
|
||||
return $args;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
@ -403,7 +411,7 @@ class defense extends rcube_plugin {
|
||||
$this->rc->output->set_env('task', 'login');
|
||||
$this->rc->output->send('login');
|
||||
die();
|
||||
}
|
||||
}
|
||||
$this->debug("Login form submitted, username: " . $args['user']);
|
||||
return $args;
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user