1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

LoginSecurity 1.2.1

Log all user and admin login attempts!

  1. Lyphiard

    Lyphiard Active Member

    Lyphiard submitted a new resource:

    LoginSecurity - Log all user and admin login attempts!

    Read more about this resource...
     
  2. Lyphiard

    Lyphiard Active Member

    Lyphiard updated LoginSecurity with a new update entry:

    New Features

    Read the rest of this update entry...
     
  3. Lyphiard

    Lyphiard Active Member

  4. TRGCommunity

    TRGCommunity Active Member

    Is there any possibility to translate the email text?
     
  5. Lyphiard

    Lyphiard Active Member

  6. Lyphiard

    Lyphiard Active Member

    I've added the phrases "lsec_login_from_new_ip", "lsec_new_login_attempt", and "lsec_user_agent", which should be used in the email template.
     
    TRGCommunity likes this.
  7. Mouth

    Mouth Well-Known Member

    Any chance this can be off by default? I don't want users to start receiving emails automatically everytime they logon between desktop and mobile.
     
  8. Lyphiard

    Lyphiard Active Member

  9. Lyphiard

    Lyphiard Active Member

    I've added a new option in ACP, but you'll need to modify the column lsec_notify_new_ip in the table xf_user_option for any existing users.
     
    Mouth likes this.
  10. TRGCommunity

    TRGCommunity Active Member

    Wow, that was fast! Thank you very much :)
     
    CabCon likes this.
  11. rocket0191

    rocket0191 Member

    Hey @Lyphiard,

    Love this addon. Great job on it!

    One thing I would love to see is the ability to give staff members (aka moderators) the ability to see the last X number of login attempts on any particular user from the frontend. For my particular community, the administrator control panel is limited to myself and one other person, but I'd love to be able to give some staff members the ability to see this from the frontend. A couple of ways this could be accomplished is through a tab on each user's profile or some user lookup page within a moderator's account, similar to Moderator Essentials' IP lookup feature.

    As is though, it's a great addon. Thanks for taking the time to develop it and put it out there. :)
     
  12. Lyphiard

    Lyphiard Active Member

    rocket0191 and BamaStangGuy like this.
  13. Lyphiard

    Lyphiard Active Member

    Lyphiard updated LoginSecurity with a new update entry:

    GeoIP & ACP Login Alerts

    Read the rest of this update entry...
     
    rocket0191 and TRGCommunity like this.
  14. pecadm

    pecadm Member

    Hey @Lyphiard ,

    Great addon, thank you very much.

    Would it be possible to add an IP whitelist option for the users ?
    A lot of our users (including me ;) ) are constantly switching between the same networks (home, office etc.), but do not want to deactivate the email option for security reasons. Would be great if there was an option set some "trusted IPs" per user.
     
  15. Lyphiard

    Lyphiard Active Member

    Do you mean for ACP logins?
     
  16. madness85

    madness85 Active Member

    Nice addon thank you. I'm a right saying that it doesn't notify users of failed login attempt or notify selected admins of failed control panel attempts?
     
  17. Lyphiard

    Lyphiard Active Member

    No, it currently does not. If someone decides to try to log into 100 admin accounts, I don't think it would be wise to send out 100 email notifications.

    I might add a future feature where it will send a notification to certain people if there were X failed admin login attempts within the last Y minutes.
     
    madness85 likes this.
  18. madness85

    madness85 Active Member

    You could add ban IP feature after 5 attempts. Include a user whitelist tho :)
     
  19. pecadm

    pecadm Member

    ACP would also be ok, but for users would be more important.
     
  20. Lyphiard

    Lyphiard Active Member

    It's only going to email users if their logging on with a new IP that they never ever used before, so they will only receive one IP per email, ever.
     
    pecadm likes this.

Share This Page