Reduce check time for recently banned IPs
Reduces the effect of getting the password wrong immediately after being unbanned gets you instantly banned again.develop
parent
79a17a725d
commit
3f0ea7079a
12
defense.php
12
defense.php
|
@ -331,6 +331,16 @@ class defense extends rcube_plugin {
|
||||||
|
|
||||||
// Check if banned now that above record has been updated
|
// Check if banned now that above record has been updated
|
||||||
$rTime = (time() - $this->fail_reset); // How far to look back for failed logins
|
$rTime = (time() - $this->fail_reset); // How far to look back for failed logins
|
||||||
|
// Check if last ban lifted was within rTime
|
||||||
|
$row = $this->getPreviousBanData($this->ipaddr);
|
||||||
|
if ($row) {
|
||||||
|
$data = unserialize($row['data']);
|
||||||
|
$banLifted = $row['epoch'] + $data['duration'];
|
||||||
|
if ($rTime < $banLifted) {
|
||||||
|
// If IP was unbanned recently, only check since it was unbanned
|
||||||
|
$rTime = $banLifted;
|
||||||
|
}
|
||||||
|
}
|
||||||
$query = sprintf("SELECT count(*) AS n FROM %s WHERE ipaddr = '%s' AND epoch >= %d", $this->db_table, $this->ipaddr, $rTime);
|
$query = sprintf("SELECT count(*) AS n FROM %s WHERE ipaddr = '%s' AND epoch >= %d", $this->db_table, $this->ipaddr, $rTime);
|
||||||
$result = $this->rc->db->query($query);
|
$result = $this->rc->db->query($query);
|
||||||
if (!$result) { $this->dbError($query); return false; }
|
if (!$result) { $this->dbError($query); return false; }
|
||||||
|
@ -369,8 +379,6 @@ class defense extends rcube_plugin {
|
||||||
return $args;
|
return $args;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in New Issue