diff options
| author | Thomas Steur <tsteur@users.noreply.github.com> | 2018-12-10 22:47:02 +0300 |
|---|---|---|
| committer | diosmosis <diosmosis@users.noreply.github.com> | 2018-12-10 22:47:02 +0300 |
| commit | 491ff0d8ecd7d2e9daeeb103a2a7fc099526dff9 (patch) | |
| tree | 9a242e11fcda26bc8cace3de4594c916acbe9f1b /plugins/Login/templates | |
| parent | 43b61590e51980965c8c9731d79e0b1479e8feb6 (diff) | |
Lock down accounts by IP after N failed attemps at logging in (#13472)
* some basic work on preventing brute force attacks
* change order
* delete depending on configured value
* show log and feature to unblock ips etc
* more tweaks
* lots of fixes, improvements, and tests
* add more tests
* add more fixes
* fix typo
* make sure to check for all API requests whether allowed
* apply feedback
* block more usages
* improve usage
* fix some tests
* fix some tests
* fix memory problem
* do not whitelist ips for brute force tests
* trying to fix tests
* only delete if installed
* use query
* fix some tests
* better fix
* fix some tests
* fix ui tests
* fix more tests
Diffstat (limited to 'plugins/Login/templates')
| -rw-r--r-- | plugins/Login/templates/bruteForceLog.twig | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/plugins/Login/templates/bruteForceLog.twig b/plugins/Login/templates/bruteForceLog.twig new file mode 100644 index 0000000000..da856790bf --- /dev/null +++ b/plugins/Login/templates/bruteForceLog.twig @@ -0,0 +1,42 @@ +{% extends 'admin.twig' %} + +{% set title %}{{ 'Login_BruteForceLog'|translate }}{% endset %} + +{% block content %} + + <div piwik-content-block content-title="{{ 'Login_CurrentlyBlockedIPs'|translate|e('html_attr') }}"> + {% if blockedIps is empty %} + <p>{{ 'UserCountryMap_None'|translate }}</p> + {% else %} + <ul style="margin-left: 20px;"> + {% for blockedIp in blockedIps %} + <li style="list-style: disc;">{{ blockedIp }}</li> + {% endfor %} + </ul> + {% endif %} + + {% if blockedIps is not empty %} + <p><br />{{ 'Login_CurrentlyBlockedIPsUnblockInfo'|translate }}</p> + + <div> + <input type="button" class="btn" value="{{ 'Login_UnblockAllIPs'|translate }}" onclick="bruteForceLog.unblockAllIps();"> + </div> + + <div id="confirmUnblockAllIps" class="ui-confirm"> + <h2>{{ 'Login_CurrentlyBlockedIPsUnblockConfirm'|translate }}</h2> + <input role="yes" type="button" value="{{ 'General_Yes'|translate }}"/> + <input role="no" type="button" value="{{ 'General_No'|translate }}"/> + </div> + {% endif %} + + {% if blacklistedIps is not empty %} + <h3>{{ 'Login_IPsAlwaysBlocked'|translate }}</h3> + <ul style="margin-left: 20px;"> + {% for blacklistedIp in blacklistedIps %} + <li style="list-style: disc;">{{ blacklistedIp }}</li> + {% endfor %} + </ul> + {% endif %} + </div> + +{% endblock %} |