.. You may want to use the usual include line. Uncomment and adjust the path. .. include:: ../Includes.txt ===================== EXT: sysfire\_failban ===================== :Author: Christopher :Created: 2010-12-18T19:57:23 :Changed by: Martin Neumeyer :Changed: 2014-04-04T12:44:31 :Classification: sysfire_failban :Keywords: ban backend access based on failed login attempts per time and IP :Author: Martin Neumeyer, sysfire GmbH :Email: martin.neumeyer@sysfire.de :Language: en .. _img-1-img-2-EXT-sysfire-failban: |img-1| |img-2| EXT: sysfire\_failban ===================================== Extension Key: sysfire\_failban Language: en Version: 0.1.6 Keywords: ban backend access based on failed login attempts per time and IP Copyright 2013,Martin Neumeyer, sysfire GmbH, This document is published under the Open Content License available from http://www.opencontent.org/opl.shtml The content of this document is related to TYPO3 \- a GNU/GPL CMS/Framework available from www.typo3.org .. _Table-of-Contents: Table of Contents ----------------- **`EXT: sysfire\_failban 1 <#__RefHeading__5708_1738894311>`_** **`Introduction 3 <#__RefHeading__5710_1738894311>`_** `What does it do? 3 <#__RefHeading__463_413120346>`_ **`Users manual 4 <#__RefHeading__816_2037733016>`_** **`Administration 5 <#__RefHeading__31511_818911409>`_** **`Configuration 6 <#__RefHeading__818_2037733016>`_** **`Known problems 7 <#__RefHeading__31525_818911409>`_** **`ChangeLog 8 <#__RefHeading__31623_818911409>`_** .. _Introduction: Introduction ------------ .. _What-does-it-do: What does it do? ^^^^^^^^^^^^^^^^ This extension blocks backend-Access to TYPO3 based on IP of user and failed login attempts per time. Blocking is limited to timespan.Feel free to contact the author for feature requests. .. _Users-manual: Users manual ------------ There are no parts which affect the frontend or users. .. _Administration: Administration -------------- Simply install the plugin. During installation you will be asked to enter some settings: - **lookuptime** :Time interval to lookup login-attempts in sys\_log in hours.Default: 1 - **lookupfallback** :If your sys\_log is too large (> 500.000 rows) using SQL could result in a deadlock and breack the backend. To prevent this, large sys\_log tables are recognized and the processing is changed: The latest “n” (this setting) rows are fetched and processed by the extension itself. The *lookuptime* will still be taken into account. If your system produces many entries in sys\_log you will have to increase this value!Default:50 - **failedattempts** :Amount of acceptable failed logins. If more attempts are made in the given time interval above, backend will be locked.Default: 5 - **lockmessage** :The message to display when backend is locked.Default: “Access denied due to policy violation.” - **sendnotification** :If you want to be notified of blocking events set this to true. Emails will be sent to 'warning\_email\_addr' (see Install-Tool) at the first event. Aditionally “logblocking” is set to true automatically.Default: false - **logblocking** :Option to enable logging to sys\_log without sending notifications. Is set to true if “sendnotification” is enabled.Default: false .. _Why-ext-tables: Why ext\_tables? ^^^^^^^^^^^^^^^^ Why is the whole logic done within ext\_tables.php? Simple answer: because it works. Previous approaches which didn't work out: - Hooks. There are no hooks for t3lib\_userAuth. - XCLASS. Did extend t3lib\_userauth. But the XCLASS didn't work with “checkAuthentication()”. - Service. The service worked fine. Just wasn't able to call the original methods like “getUser()” or “authUser()” from tx\_sv\_auth after the IP-based test returned true. Thoughts appreciated! .. _Deny-Login: Deny Login ^^^^^^^^^^ Another thing to describe is the “blocking”-method itself, how the backend login is denied. We did chose a simple PHP “die()”-call to stop the login from being displayed. It's not the best style of handling this, but throwing an TYPO3 Exception completely clogged sys\_log. Again, thoughts appreciated for the next version! .. _Known-problems: Known problems -------------- Large sys\_log tables could result in a locked backend while many users are trying to log in / TYPO3 instances are writing to sys\_log.The counting would produce a deadlock on the database. To prevent this, Version 0.1.2 was released and methods were reworked (see settings too). Hope this works better. By design the extension will block multiple users if they are using the same proxy/IP-address. This ain't a bug – it's a feature! Please report problems directly to the author by email. .. _ChangeLog: ChangeLog --------- For further information see `http://www.sysfire.de/entwicklung/typo3/extensions/sysfire- failban.html `_ .. ### BEGIN~OF~TABLE ### .. _0-0-x: 0.0.x ^^^^^ .. container:: table-row Version 0.0.x Changes pre-release. .. _0-1-0: 0.1.0 ^^^^^ .. container:: table-row Version 0.1.0 Changes Initial public release .. _0-1-1: 0.1.1 ^^^^^ .. container:: table-row Version 0.1.1 Changes Performance optimization for large sys\_log tables .. _0-1-2: 0.1.2 ^^^^^ .. container:: table-row Version 0.1.2 Changes Added additional configuration parameter to parse large sys\_log; SQL rewritten .. _0-1-3: 0.1.3 ^^^^^ .. container:: table-row Version 0.1.3 Changes Bugfix-release .. _0-1-4: 0.1.4 ^^^^^ .. container:: table-row Version 0.1.4 Changes Added parameter and methods to notify admin of blocking by email (feature request of Christian Clemens); added option to log to sys\_log .. _0-1-5: 0.1.5 ^^^^^ .. container:: table-row Version 0.1.5 Changes Updated for TYPO3 6.2 .. _0-1-6: 0.1.6 ^^^^^ .. container:: table-row Version 0.1.6 Changes Bugfix-Release: “Check for broken extensions” reported non-compability with 6.2. Compability for TYPO3 below 6.1.x dropped (use version 0.1.4) .. ###### END~OF~TABLE ###### .. ######CUTTER_MARK_IMAGES###### .. |img-1| image:: img-1.png .. :align: left .. :border: 0 .. :height: 44 .. :id: graphics5 .. :name: graphics5 .. :vspace: 57 .. :width: 161 .. |img-2| image:: img-2.png .. :align: left