This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm that you accept these cookies being set.

Wrong password
#1
Hello everyone,

I am interested in setting up email notifications for incorrect password entries. I would also like to limit the number of password entry attempts to enhance security. I have tried exploring the documentation and event-based scripting feature, but I haven't found a clear solution yet.

Is there a built-in feature or script to set up email notifications whenever an incorrect password is entered?
How can I limit the number of incorrect password entry attempts?
If there isn’t a built-in feature, could someone guide me on how to create a custom script for these functionalities?
Any help or guidance would be greatly appreciated. Thank you in advance!

Best regards,
Reply
#2
LM has a build in brute force protection, it will block a user after 5 wrong attempts for a minute. You can see logs in user access logs. You can modify this example for your need.
https://forum.logicmachine.net/showthrea...7#pid26027
------------------------------
Ctrl+F5
Reply
#3
(19.10.2023, 09:47)Daniel Wrote: LM has a build in brute force protection, it will block a user after 5 wrong attempts for a minute. You can see logs in user access logs.  You can modify this example for your need.
https://forum.logicmachine.net/showthrea...7#pid26027

I'm having trouble understanding how to capture a "failed attempt" to log into the system. Could you provide an example of how to log such an attempt?
Reply
#4
Check this
Code:
items = db:getall([[
  SELECT user_logs.*, users.name
  FROM user_logs
  JOIN users ON user_logs.login=users.login
  ORDER BY user_logs.id DESC
  LIMIT 50
]])

for _, item in ipairs(items) do
  cls = toboolean(item.failed) and 'danger' or 'success'
 
  log(item.login,item.name, cls, item.ip)
end 
------------------------------
Ctrl+F5
Reply
#5
(19.10.2023, 11:06)Daniel Wrote: Check this
Code:
items = db:getall([[
  SELECT user_logs.*, users.name
  FROM user_logs
  JOIN users ON user_logs.login=users.login
  ORDER BY user_logs.id DESC
  LIMIT 50
]])

for _, item in ipairs(items) do
  cls = toboolean(item.failed) and 'danger' or 'success'
 
  log(item.login,item.name, cls, item.ip)
end 

This was the code I tried according to the example, but it doesn't work.
Reply
#6
What doesn't work? It works for me.
------------------------------
Ctrl+F5
Reply
#7
(19.10.2023, 11:31)Daniel Wrote: What doesn't work? It works for me.


Log is empty, nothing is recorded. Is there anything else to do besides the code?
Reply
#8
Do you have anything in Access logs?
------------------------------
Ctrl+F5
Reply
#9
Yes, Access log is ok, but log is empty.
I tested in http://4n.lv:7999/apps/, results is same. Log is empty.
Reply
#10
This is a special LM where many features are blocked for security, it works on my local LM.
------------------------------
Ctrl+F5
Reply
#11
which fw do you have? Any errors?
------------------------------
Ctrl+F5
Reply
#12
(19.10.2023, 11:46)Daniel Wrote: which fw do you have? Any errors?

latest firmware version. There are no errors. I will try again later and write, but I think it is not entering the cycle.
Reply
#13
Add some static logs to check, maybe it is copy paste issue, use the copy button above my script.
------------------------------
Ctrl+F5
Reply
#14
Daniel's code will only log existing normal users (not admin). This script will log only failed attempts for all users:
Code:
items = db:getall([[
  SELECT *
  FROM user_logs
  WHERE failed=1
  ORDER BY user_logs.id DESC
  LIMIT 50
]])

for _, item in ipairs(items) do
  log(item.login, item.ip, item.created)
end
Reply
#15
(19.10.2023, 12:58)admin Wrote: Daniel's code will only log existing normal users (not admin). This script will log only failed attempts for all users:
Code:
items = db:getall([[
  SELECT *
  FROM user_logs
  WHERE failed=1
  ORDER BY user_logs.id DESC
  LIMIT 50
]])

for _, item in ipairs(items) do
  log(item.login, item.ip, item.created)
end
Hello admin,
This script is functioning, but it logs full even when there is just one incorrect password attempt. Could you please explain what it does exactly? I want it to log only the actual instances of entering the wrong password.
Reply
#16
All logins are saved in DB and this script is just browsing the DB for all failed attempts. If you set limit to 1 it will give you only the last one but this is not an event action it is just pure reading what is in the DB.
------------------------------
Ctrl+F5
Reply


Forum Jump: