Security Admin

cajkan

cajkan

Active Member
Hello

i would like to give an idea about the Admin password

Visitors can see that we are using Visiolist and they can see whats going on about the Admin panel

lets say this : www.google.com/admin

and they should be able to log into the admin panel

But a friend of mine told me that theres BOTS who trying to spam into admin panel and in time you can get ur password hacked

My idea was .

If user-admin got wrong password 3 times to ban his IP adress or something simmilar to prevent hacks and stuff
 
Basti

Basti

Administrator
Staff member
Already included. Brute force detection on login forms. If triggered you cant login anymore that day
 
cajkan

cajkan

Active Member
Well i think its better to ban IP.

Coz as admin im sure that you will never forgot password more than 3 times :D
 
Basti

Basti

Administrator
Staff member
Dont overestimate people ;) Writing a password wrong is very comon and to ban that ip is not very useable. Think most scripts who have brute force included disllow login for a certain time rather banning the ip
 
Mark Barnett

Mark Barnett

Member
Does the admin get emailed regarding the attempts? You could show the IP address in the email and the admin could ban the IP on the server level.
 
You must log in or register to reply here.
Top