ukamnya/roundcube-defense
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
39 Commits 2 Branches 1 Tag
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Steve Allison 3f0ea7079a Reduce check time for recently banned IPs 
Reduces the effect of getting the password wrong immediately after being
unbanned gets you instantly banned again.
2013-02-21 18:24:46 +00:00
localization
Add localization
2013-02-21 17:20:27 +00:00
config.inc.php.dist
Add config variable to set ban type
2013-02-20 21:20:42 +00:00
COPYING
Add GPL
2013-02-20 12:14:55 +00:00
defense.php
Reduce check time for recently banned IPs
2013-02-21 18:24:46 +00:00
README.md
Adjust name of plugin to 'defense'
2013-02-20 14:17:30 +00:00

README.md

Roundcube Defense

Protects the Roundcube login page from bruteforce login attempts.

Original concept from the roundcube "security" plugin by Lazlo Westerhof. Wanting to fix the shortfalls of that plugin led me to a rewrite.

FEATURES

  • Bruteforce protection
    • Ban based on X failed-logins per Y seconds (default: 5 fails / 60m)
    • Ban for X seconds. (default: 120)
    • Increasing ban duration by power of 4 for repeated offenders (2m, 8m, 32m, 8h32m, etc)
  • Whitelist
  • Blacklist
  • Failed logins log
    • Only accessible by administrator

INSTALLATION

  1. Change to plugins/ directory
  2. Clone git repository with: git clone https://github.com/stalks/roundcube-defense.git defense
  3. Add 'defense' table to SQL structure by using schema in plugins/roundcube-defense/SQL/
  4. Edit config file 'config.inc.php.dist' and save as 'config.inc.php'
  5. Add 'defense' to plugins array at config/main.inc.php

ISSUES

Create an issue ticket at https://github.com/stalks/roundcube-defense/issues

=================== Created by Steve Allison - https://www.nooblet.org/

Description
Defend roundcube from repeated login attempts
Readme 46 KiB
Languages
PHP 95.4%
TSQL 4.6%