Lock down accounts by IP after N failed attemps at logging in (#13472)

* some basic work on preventing brute force attacks * change order * delete depending on configured value * show log and feature to unblock ips etc * more tweaks * lots of fixes, improvements, and tests * add more tests * add more fixes * fix typo * make sure to check for all API requests whether allowed * apply feedback * block more usages * improve usage * fix some tests * fix some tests * fix memory problem * do not whitelist ips for brute force tests * trying to fix tests * only delete if installed * use query * fix some tests * better fix * fix some tests * fix ui tests * fix more tests
author: Thomas Steur <tsteur@users.noreply.github.com> 2018-12-10 22:47:02 +0300
committer: diosmosis <diosmosis@users.noreply.github.com> 2018-12-10 22:47:02 +0300
commit: 491ff0d8ecd7d2e9daeeb103a2a7fc099526dff9 (patch)
tree: 9a242e11fcda26bc8cace3de4594c916acbe9f1b /core/Tracker/Request.php
parent: 43b61590e51980965c8c9731d79e0b1479e8feb6 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/core/Tracker/Request.php b/core/Tracker/Request.php
index aa97fb7d23..4a95ca5a29 100644
--- a/core/Tracker/Request.php
+++ b/core/Tracker/Request.php
@@ -217,6 +217,12 @@ class Request
 
         Common::printDebug("WARNING! token_auth = $tokenAuth is not valid, Super User / Admin / Write was NOT authenticated");
 
+        /**
+         * @ignore
+         * @internal
+         */
+        Piwik::postEvent('Tracker.Request.authenticate.failed');
+
         return false;
     }
author	Thomas Steur <tsteur@users.noreply.github.com>	2018-12-10 22:47:02 +0300
committer	diosmosis <diosmosis@users.noreply.github.com>	2018-12-10 22:47:02 +0300
commit	491ff0d8ecd7d2e9daeeb103a2a7fc099526dff9 (patch)
tree	9a242e11fcda26bc8cace3de4594c916acbe9f1b /core/Tracker/Request.php
parent	43b61590e51980965c8c9731d79e0b1479e8feb6 (diff)