tenants
Well-known member
So the attempts are approximately every 0-5 seconds, over a large period of time?
It looks like they attempted it for about an hour from your load average (which averages 1 attempt every 0.8 seconds)
Rate limiting might not catch this without catching false positives.
I can stop this, and I can do it by extending FPHP
I can log attempts in their session (so there won't be additional queries overhead)
If X attempts within Y time, send them to a 404 (they would have to start a new session to avoid this)
This is much lower risk than blocking IPs, since I can target the individual users attempting to brute force the registration area
- Optionally, also send that IP to a 404 for Z minutes (10 minutes?)
I'm working on a few personal plugins at the moment, but does the above sound good?
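The session counter and optional IP lockout proposed in the post above, sketched as an added example that is not part of the original post and is not FPHP code. The values for X, Y and Z, the function name `shouldSend404` and the array-based stores are assumptions made for illustration.

```php
<?php
// Added example, not FPHP code. X, Y and Z are assumed values.
const MAX_ATTEMPTS    = 5;   // X: attempts tolerated inside the window
const WINDOW_SECONDS  = 60;  // Y: sliding window length in seconds
const IP_LOCK_SECONDS = 600; // Z: the optional 10-minute IP lockout

/**
 * Record one registration attempt (hypothetical helper).
 * $session stands in for $_SESSION; $ipLocks stands in for a shared
 * store (cache or table) keyed by IP address.
 * Returns true when the request should be answered with a 404.
 */
function shouldSend404(array &$session, array &$ipLocks, string $ip, float $now): bool
{
    // Optional step: the IP is still locked out, even on a fresh session.
    if (($ipLocks[$ip] ?? 0.0) > $now) {
        return true;
    }

    // Keep only timestamps inside the window, then add this attempt.
    $recent = array_values(array_filter(
        $session['reg_attempts'] ?? [],
        fn (float $t): bool => $t > $now - WINDOW_SECONDS
    ));
    $recent[] = $now;
    $session['reg_attempts'] = $recent; // lives in the session, no extra query

    if (count($recent) > MAX_ATTEMPTS) {
        $ipLocks[$ip] = $now + IP_LOCK_SECONDS;
        return true;
    }
    return false;
}

// Constructed run: one attempt every 0.8 s from a documentation-range IP.
$session = [];
$ipLocks = [];
for ($i = 0; $i < 8; $i++) {
    $blocked = shouldSend404($session, $ipLocks, '203.0.113.7', $i * 0.8);
    printf("t=%4.1fs attempt %d -> %s\n", $i * 0.8, $i + 1, $blocked ? '404' : 'allowed');
}

// Same IP returns 10 s in with a new, empty session: the lockout still applies.
$fresh = [];
printf("new session -> %s\n", shouldSend404($fresh, $ipLocks, '203.0.113.7', 10.0) ? '404' : 'allowed');
```

Without the IP lockout, the last call would be allowed, which is the "start a new session" bypass the post mentions.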