ukamnya
/
roundcube-defense
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Defend roundcube from repeated login attempts
12 Commits
2 Branches
1 Tag
46 KiB
PHP 95.4%
TSQL 4.6%
 
 
Go to file
Steve Allison d3eab78782 Rename class to 'defense' 2013-02-20 20:59:40 +00:00
COPYING Add GPL 2013-02-20 12:14:55 +00:00
README.md Adjust name of plugin to 'defense' 2013-02-20 14:17:30 +00:00
config.inc.php.dist Clarify white/blacklist in config 2013-02-20 20:58:58 +00:00
roundcube-defense.php Rename class to 'defense' 2013-02-20 20:59:40 +00:00

README.md

Roundcube Defense

Protects the Roundcube login page from bruteforce login attempts.

Original concept from the roundcube "security" plugin by Lazlo Westerhof. Wanting to fix the shortfalls of that plugin led me to a rewrite.

FEATURES

  • Bruteforce protection
    • Ban based on X failed-logins per Y seconds (default: 5 fails / 60m)
    • Ban for X seconds. (default: 120)
    • Increasing ban duration by power of 4 for repeated offenders (2m, 8m, 32m, 8h32m, etc)
  • Whitelist
  • Blacklist
  • Failed logins log
    • Only accessible by administrator

INSTALLATION

  1. Change to plugins/ directory
  2. Clone git repository with: git clone https://github.com/stalks/roundcube-defense.git defense
  3. Add 'defense' table to SQL structure by using schema in plugins/roundcube-defense/SQL/
  4. Edit config file 'config.inc.php.dist' and save as 'config.inc.php'
  5. Add 'defense' to plugins array at config/main.inc.php

ISSUES

Create an issue ticket at https://github.com/stalks/roundcube-defense/issues

=================== Created by Steve Allison - https://www.nooblet.org/