From 746f5907460bb8d72001cf66e91dc3cab1b94321 Mon Sep 17 00:00:00 2001 From: Steve Allison Date: Thu, 21 Feb 2013 19:03:30 +0000 Subject: [PATCH 1/6] Update readme, TODO log ui --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 18d9141..a5d4498 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ FEATURES - Increasing ban duration by power of 4 for repeated offenders (2m, 8m, 32m, 8h32m, etc) - Whitelist - Blacklist -- Failed logins log +- Failed logins log [TODO: Logs are in DB, but no interface yet] - Only accessible by administrator INSTALLATION From d6a5e8a8006a7b7092fec16d554aae34fadd3a8e Mon Sep 17 00:00:00 2001 From: Steve Allison Date: Thu, 21 Feb 2013 19:11:51 +0000 Subject: [PATCH 2/6] Add image to readme --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index a5d4498..e49a171 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,8 @@ FEATURES - Failed logins log [TODO: Logs are in DB, but no interface yet] - Only accessible by administrator +![Example](http://i.imgur.com/caJQC3I.png) + INSTALLATION -------------------- 1. Change to plugins/ directory From 964c53427d6f2545303850bbc8f785dfcd897ee0 Mon Sep 17 00:00:00 2001 From: Steve Allison Date: Thu, 21 Feb 2013 19:15:04 +0000 Subject: [PATCH 3/6] Update README with roundcube version requirement --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index e49a171..2ab12f4 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,8 @@ Protects the Roundcube login page from bruteforce login attempts. Original concept from the roundcube "security" plugin by Lazlo Westerhof. Wanting to fix the shortfalls of that plugin led me to a rewrite. +Requires Roundcube 0.9-beta or higher. + FEATURES ------------------- - Bruteforce protection From 2f90243356cab9298c30edf98f77f1d8a9943f06 Mon Sep 17 00:00:00 2001 From: Steve Allison Date: Thu, 21 Feb 2013 19:19:51 +0000 Subject: [PATCH 4/6] Fix debug output for check period --- defense.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defense.php b/defense.php index 512c046..022a6dd 100644 --- a/defense.php +++ b/defense.php @@ -347,7 +347,7 @@ class defense extends rcube_plugin { $this->debug($query . " [" . $result->rowCount() . "]"); $row = $result->fetch(); if (!$row) { $this->debug("Warning, SQL result empty: $query"); return false; } // No rows? Strange, abort. - $this->debug("Found " . $row['n'] . " failed attempts in last " . $this->fail_reset . "s"); + $this->debug("Found " . $row['n'] . " failed attempts in last " . (time() - $rTime) . "s"); if (($row['n'] >= $this->fail_max)) { $this->debug("IP banned."); // This IP is now banned From e0bc3368903377c252298b06d0c302d63e5d6396 Mon Sep 17 00:00:00 2001 From: Steve Allison Date: Thu, 21 Feb 2013 21:25:11 +0000 Subject: [PATCH 5/6] Reformat config file a little --- config.inc.php.dist | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config.inc.php.dist b/config.inc.php.dist index daaa28f..c1c8803 100644 --- a/config.inc.php.dist +++ b/config.inc.php.dist @@ -52,8 +52,8 @@ // Reset repeat offender count after this number of seconds or // multiply last ban period by , whichever is greater - $rcmail_config['defense_repeat_reset'] = 86400; + // Name of table in database $rcmail_config['defense_db_table'] = 'defense'; From 7e66141336eaf969f5ec2792983813f4a398f4df Mon Sep 17 00:00:00 2001 From: Steve Allison Date: Thu, 21 Feb 2013 21:25:56 +0000 Subject: [PATCH 6/6] Match comment to function --- defense.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defense.php b/defense.php index 022a6dd..1b1e496 100644 --- a/defense.php +++ b/defense.php @@ -131,7 +131,7 @@ class defense extends rcube_plugin { return (((!preg_match('/^[\.\/:0-9a-f]+$/', strtolower($ip))) || (substr_count($ip, ':') < 2)) ? true : false); } /** - * Check string if it is IPv6 + * Check string if it is IPv4 * * @param string * ip address