.. You may want to use the usual include line. Uncomment and adjust the path. .. include:: ../Includes.txt ========================= EXT: Secure Backend Login ========================= :Author: Kasper Skårhøj :Created: 2002-11-01T00:32:00 :Changed: 2013-09-09T09:07:22.170000000 :Author: Thomas Paul :Email: thomas@vianova.cc :Info 3: :Info 4: .. _EXT-Secure-Backend-Login: EXT: Secure Backend Login ========================= Extension Key: **aba\_bruteforceblocker** Copyright 2000-2002, Thomas Paul, Copyright 2013, Robert Puntigam This document is published under the Open Content License available from http://www.opencontent.org/opl.shtml The content of this document is related to TYPO3 \- a GNU/GPL CMS/Framework available from `www.typo3.com `_ .. _Table-of-Contents: Table of Contents ----------------- **EXT: Secure Backend Login 1** **Introduction 1** What does it do?1 **Administration 1** **Configuration 1** Redirect to Frontend or somewhere else after login2 **Known problems 2** **Changelog 3** .. _Introduction: Introduction ------------ .. _What-does-it-do: What does it do? ^^^^^^^^^^^^^^^^ This extension extends the original backend login form and adds a lot of new features, also security features, like - forgotten password link (after failed login, always, only for a specified ip-address, ...) - ip blacklist (datarecords, autoblacklist after a number of failed logins) - disable user after a number of failed logins - enable mail notifications for admin - go to frontend, page id or link after login (for user or usergroup) .. _Administration: Administration -------------- Install from Extension Repository … .. _Configuration: Configuration ------------- After installing the extension change to the Extension Manager and click the extension name in Loaded Extensions Now read the configuration descriptions and set the parameters you need .. ### BEGIN~OF~TABLE ### .. _ForgotPasswordLink: ForgotPasswordLink ^^^^^^^^^^^^^^^^^^ .. container:: table-row Property ForgotPasswordLink Data type boolean Description Enables the "forgot your password" link Default 0 .. _ForgotPasswordLinkAlways: ForgotPasswordLinkAlways ^^^^^^^^^^^^^^^^^^^^^^^^ .. container:: table-row Property ForgotPasswordLinkAlways Data type boolean Description shows the "forgot your password" link always, not only after a failed login Default 0 .. _NoResetPasswordForAdmins: NoResetPasswordForAdmins ^^^^^^^^^^^^^^^^^^^^^^^^ .. container:: table-row Property NoResetPasswordForAdmins Data type boolean Description Disables the possibility for admins to reset their password Default 1 .. _SendAdminResetNotification: SendAdminResetNotification ^^^^^^^^^^^^^^^^^^^^^^^^^^ .. container:: table-row Property SendAdminResetNotification Data type boolean Description send notification to the admin on every password reset Default 1 .. _SendAdminFailedLoginAttempt: SendAdminFailedLoginAttempt ^^^^^^^^^^^^^^^^^^^^^^^^^^^ .. container:: table-row Property SendAdminFailedLoginAttempt Data type boolean Description send every failed login attempt to the admin Default 0 .. _SendAdminIPBlacklist: SendAdminIPBlacklist ^^^^^^^^^^^^^^^^^^^^ .. container:: table-row Property SendAdminIPBlacklist Data type boolean Description send notification to admin if ip gets blacklisted Default 1 .. _SendAdminDisableUser: SendAdminDisableUser ^^^^^^^^^^^^^^^^^^^^ .. container:: table-row Property SendAdminDisableUser Data type boolean Description send notification to admin if user gets disabled Default 1 .. _adminUID: adminUID ^^^^^^^^ .. container:: table-row Property adminUID Data type int Description UID from the admin account who gets the notifications Default 1 .. _passwordLenght: passwordLenght ^^^^^^^^^^^^^^ .. container:: table-row Property passwordLenght Data type int Description the lenghts of the generated password Default 16 .. _ViewAfterReset: ViewAfterReset ^^^^^^^^^^^^^^ .. container:: table-row Property ViewAfterReset Data type options Description defines the page which is shown after the password reset Default login .. _ForgotPasswordLinkForIP: ForgotPasswordLinkForIP ^^^^^^^^^^^^^^^^^^^^^^^ .. container:: table-row Property ForgotPasswordLinkForIP Data type string Description show "forgot your password" link for ip address (for webhoster/webdeveloper/webmaster) Default 127.0.0.1 .. _EnableBlacklist: EnableBlacklist ^^^^^^^^^^^^^^^ .. container:: table-row Property EnableBlacklist Data type boolean Description enables a ip-blacklist to deactivate the login process Default 1 .. _AutoBlacklist: AutoBlacklist ^^^^^^^^^^^^^ .. container:: table-row Property AutoBlacklist Data type boolean Description enables the automatic blacklisting after "AutoBlacklistAfter" failed login attemps within the "BlacklistTime" Default 1 .. _AutoBlacklistAfter: AutoBlacklistAfter ^^^^^^^^^^^^^^^^^^ .. container:: table-row Property AutoBlacklistAfter Data type int Description the number of failed login attempts an ip address gets auto blacklisted Default 3 .. _PIDBlacklist: PIDBlacklist ^^^^^^^^^^^^ .. container:: table-row Property PIDBlacklist Data type int Description PID for the blacklist records Default 0 .. _DisableUser: DisableUser ^^^^^^^^^^^ .. container:: table-row Property DisableUser Data type boolean Description disables the user after "DisableUserAfter" failed login attemps within the "BlacklistTime" Default 0 .. _DisableUserAfter: DisableUserAfter ^^^^^^^^^^^^^^^^ .. container:: table-row Property DisableUserAfter Data type int Description the number of failed login attempts a user gets disabled Default 3 .. _BlacklistTime: BlacklistTime ^^^^^^^^^^^^^ .. container:: table-row Property BlacklistTime Data type int Description set the time of failed login attempts are on blacklist Default 3600 .. _AllowIPmaskList: AllowIPmaskList ^^^^^^^^^^^^^^^ .. container:: table-row Property AllowIPmaskList Data type boolean Description take into account IPs from "IPmaskList" and "devIPmask" from install tool Default 1 .. _WhiteListIPs: WhiteListIPs ^^^^^^^^^^^^ .. container:: table-row Property WhiteListIPs Data type string Description take into account IPs from this list ( comma seperated ) Default .. ###### END~OF~TABLE ###### .. _Redirect-to-Frontend-or-somewhere-else-after-login: Redirect to Frontend or somewhere else after login ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If you want to redirect a user - Change to the “User Admin” module in the Admin tools - Click on the pencil to edit the user - Change to the tap “extended” and set “go to frontend after login” or “go to ... after login” If you want to redirect a usergroup - Change to the list module - Click on the top page with the id 0 - Search for the Backend usergroup you want to redirect and click on the pencil to edit Change to the tap “extended” and set “go to frontend after login” or “go to ... after login” .. _Known-problems: Known problems -------------- None at this time .. _Changelog: Changelog --------- 0.0.1 – initial release by Thomas Paul 0.0.2 – some security fixes by Thomas Paul 0.0.3 – manual added by Thomas Paul 0.0.4 – go to frontend, page id or link after login (for user or usergroup) by Thomas Paul1.0.0 – completely rewritten for TYPO3 4.5.x by Robert Puntigam |img-1| EXT: Secure Backend Login - 3 .. ######CUTTER_MARK_IMAGES###### .. |img-1| image:: img-1.png .. :align: left .. :border: 0 .. :height: 32 .. :id: Graphic1 .. :name: Graphic1 .. :width: 102