DEPRECATION WARNING
This documentation is not using the current rendering mechanism and is probably outdated. The extension maintainer should switch to the new system. Details on how to use the rendering mechanism can be found here.
EXT: sysfire_failban¶
Author: | Christopher |
---|---|
Created: | 2010-12-18T19:57:23 |
Changed by: | Martin Neumeyer |
Changed: | 2014-04-04T12:44:31 |
Classification: | sysfire_failban |
Keywords: | ban backend access based on failed login attempts per time and IP |
Author: | Martin Neumeyer, sysfire GmbH |
Email: | martin.neumeyer@sysfire.de |
Language: | en |
EXT: sysfire_failban¶
Extension Key: sysfire_failban
Language: en
Version: 0.1.6
Keywords: ban backend access based on failed login attempts per time and IP
Copyright 2013,Martin Neumeyer, sysfire GmbH, <martin.neumeyer@sysfire.de>
This document is published under the Open Content License
available from http://www.opencontent.org/opl.shtml
The content of this document is related to TYPO3
- a GNU/GPL CMS/Framework available from www.typo3.org
Table of Contents¶
`EXT: sysfire_failban 1 <#__RefHeading__5708_1738894311>`_
`Introduction 3 <#__RefHeading__5710_1738894311>`_
`Users manual 4 <#__RefHeading__816_2037733016>`_
`Administration 5 <#__RefHeading__31511_818911409>`_
`Configuration 6 <#__RefHeading__818_2037733016>`_
`Known problems 7 <#__RefHeading__31525_818911409>`_
`ChangeLog 8 <#__RefHeading__31623_818911409>`_
Introduction¶
What does it do?¶
This extension blocks backend-Access to TYPO3 based on IP of user and failed login attempts per time. Blocking is limited to timespan.Feel free to contact the author for feature requests.
Users manual¶
There are no parts which affect the frontend or users.
Administration¶
Simply install the plugin.
During installation you will be asked to enter some settings:
- lookuptime :Time interval to lookup login-attempts in sys_log in hours.Default: 1
- lookupfallback :If your sys_log is too large (> 500.000 rows) using SQL could result in a deadlock and breack the backend. To prevent this, large sys_log tables are recognized and the processing is changed: The latest “n” (this setting) rows are fetched and processed by the extension itself. The lookuptime will still be taken into account. If your system produces many entries in sys_log you will have to increase this value!Default:50
- failedattempts :Amount of acceptable failed logins. If more attempts are made in the given time interval above, backend will be locked.Default: 5
- lockmessage :The message to display when backend is locked.Default: “Access denied due to policy violation.”
- sendnotification :If you want to be notified of blocking events set this to true. Emails will be sent to 'warning_email_addr' (see Install-Tool) at the first event. Aditionally “logblocking” is set to true automatically.Default: false
- logblocking :Option to enable logging to sys_log without sending notifications. Is set to true if “sendnotification” is enabled.Default: false
Why ext_tables?¶
Why is the whole logic done within ext_tables.php? Simple answer: because it works.
Previous approaches which didn't work out:
- Hooks. There are no hooks for t3lib_userAuth.
- XCLASS. Did extend t3lib_userauth. But the XCLASS didn't work with “checkAuthentication()”.
- Service. The service worked fine. Just wasn't able to call the original methods like “getUser()” or “authUser()” from tx_sv_auth after the IP-based test returned true.
Thoughts appreciated!
Deny Login¶
Another thing to describe is the “blocking”-method itself, how the backend login is denied. We did chose a simple PHP “die()”-call to stop the login from being displayed. It's not the best style of handling this, but throwing an TYPO3 Exception completely clogged sys_log.
Again, thoughts appreciated for the next version!
Known problems¶
Large sys_log tables could result in a locked backend while many users are trying to log in / TYPO3 instances are writing to sys_log.The counting would produce a deadlock on the database. To prevent this, Version 0.1.2 was released and methods were reworked (see settings too). Hope this works better.
By design the extension will block multiple users if they are using the same proxy/IP-address. This ain't a bug – it's a feature!
Please report problems directly to the author by email.
ChangeLog¶
For further information see http://www.sysfire.de/entwicklung/typo3/extensions/sysfire- failban.html
0.0.x¶
Version
0.0.x
Changes
pre-release.
0.1.0¶
Version
0.1.0
Changes
Initial public release
0.1.1¶
Version
0.1.1
Changes
Performance optimization for large sys_log tables
0.1.2¶
Version
0.1.2
Changes
Added additional configuration parameter to parse large sys_log; SQL rewritten
0.1.3¶
Version
0.1.3
Changes
Bugfix-release
0.1.4¶
Version
0.1.4
Changes
Added parameter and methods to notify admin of blocking by email (feature request of Christian Clemens); added option to log to sys_log
0.1.5¶
Version
0.1.5
Changes
Updated for TYPO3 6.2
0.1.6¶
Version
0.1.6
Changes
Bugfix-Release: “Check for broken extensions” reported non-compability with 6.2. Compability for TYPO3 below 6.1.x dropped (use version 0.1.4)