Wrong password

[a455115]

Hello everyone,

I am interested in setting up email notifications for incorrect password entries. I would also like to limit the number of password entry attempts to enhance security. I have tried exploring the documentation and event-based scripting feature, but I haven't found a clear solution yet.

Is there a built-in feature or script to set up email notifications whenever an incorrect password is entered?
How can I limit the number of incorrect password entry attempts?
If there isn’t a built-in feature, could someone guide me on how to create a custom script for these functionalities?
Any help or guidance would be greatly appreciated. Thank you in advance!

Best regards,

[Daniel]

LM has a build in brute force protection, it will block a user after 5 wrong attempts for a minute. You can see logs in user access logs. You can modify this example for your need.
https://forum.logicmachine.net/showthrea...7#pid26027

[a455115]

LM has a build in brute force protection, it will block a user after 5 wrong attempts for a minute. You can see logs in user access logs.  You can modify this example for your need.
https://forum.logicmachine.net/showthrea...7#pid26027

I'm having trouble understanding how to capture a "failed attempt" to log into the system. Could you provide an example of how to log such an attempt?

[Daniel]

Check this

Code:

items = db:getall([[
  SELECT user_logs.*, users.name
  FROM user_logs
  JOIN users ON user_logs.login=users.login
  ORDER BY user_logs.id DESC
  LIMIT 50
]])

for _, item in ipairs(items) do
  cls = toboolean(item.failed) and 'danger' or 'success'
 
  log(item.login,item.name, cls, item.ip)
end 

[a455115]

Check this

Code:

items = db:getall([[
  SELECT user_logs.*, users.name
  FROM user_logs
  JOIN users ON user_logs.login=users.login
  ORDER BY user_logs.id DESC
  LIMIT 50
]])

for _, item in ipairs(items) do
  cls = toboolean(item.failed) and 'danger' or 'success'
 
  log(item.login,item.name, cls, item.ip)
end 

This was the code I tried according to the example, but it doesn't work.

[Daniel]

What doesn't work? It works for me.

[a455115]

What doesn't work? It works for me.

Log is empty, nothing is recorded. Is there anything else to do besides the code?

[Daniel]

Do you have anything in Access logs?

[a455115]

Yes, Access log is ok, but log is empty.
I tested in http://4n.lv:7999/apps/, results is same. Log is empty.

[Daniel]

This is a special LM where many features are blocked for security, it works on my local LM.

[Daniel]

which fw do you have? Any errors?

[a455115]

which fw do you have? Any errors?

latest firmware version. There are no errors. I will try again later and write, but I think it is not entering the cycle.

[Daniel]

Add some static logs to check, maybe it is copy paste issue, use the copy button above my script.

[admin]

Daniel's code will only log existing normal users (not admin). This script will log only failed attempts for all users:

Code:

items = db:getall([[
  SELECT *
  FROM user_logs
  WHERE failed=1
  ORDER BY user_logs.id DESC
  LIMIT 50
]])

for _, item in ipairs(items) do
  log(item.login, item.ip, item.created)
end

[a455115]

Daniel's code will only log existing normal users (not admin). This script will log only failed attempts for all users:

Code:

items = db:getall([[
  SELECT *
  FROM user_logs
  WHERE failed=1
  ORDER BY user_logs.id DESC
  LIMIT 50
]])

for _, item in ipairs(items) do
  log(item.login, item.ip, item.created)
end

Hello admin,
This script is functioning, but it logs full even when there is just one incorrect password attempt. Could you please explain what it does exactly? I want it to log only the actual instances of entering the wrong password.

[Daniel]

All logins are saved in DB and this script is just browsing the DB for all failed attempts. If you set limit to 1 it will give you only the last one but this is not an event action it is just pure reading what is in the DB.