Post by thomas.huerlimann » Fri Jun 24, 2022 4:49 pm

Hi all

Is there a possibility to block an IP address if there is an unsuccesfull login attempt to the admin-interface, even if the username that has been tried by a brute forcer is not valid?

Or is there a plugin available? Something to recommend?

Version: 3.0.3.8

Best regards
Tom
Last edited by thomas.huerlimann on Wed Jun 29, 2022 12:15 am, edited 1 time in total.


Posts

Joined
Mon May 13, 2019 10:44 pm

Post by JNeuhoff » Fri Jun 24, 2022 4:58 pm

You may want to take a look at our SpamBot Buster tool which can prevent fake logins from spambots.

Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig


User avatar
Guru Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by paulfeakins » Fri Jun 24, 2022 6:23 pm

thomas.huerlimann wrote:
Fri Jun 24, 2022 4:49 pm
Is there a possibility to block an IP address if there is an unsuccesfull login attempt to the admin-interface, even if the username that has been tried by a brute forcer is not valid?
Might be easier to add an .htaccess password or rename your admin folder.

UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk


User avatar
Guru Member
Online

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - London Gatwick, United Kingdom

Post by IP_CAM » Fri Jun 24, 2022 6:27 pm


My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by phpscript7 » Sat Jun 25, 2022 7:32 pm

If it is solved now you write [Solved] in the title - Thank you

New member

Posts

Joined
Wed Jan 04, 2017 3:55 pm

Post by thomas.huerlimann » Wed Jun 29, 2022 12:14 am

Hi all,

Thanks a lot for all your responses.

> SpamBot Buster Tool

Looks interesting, thank you for the hint. But after reading the desciption, i can not see if it fits my need. There is no information about the /admin page. Is there a sample to check?

> .htaccess

It's a windows host. But ok, i can protect the /admin page with a similar mechanism. A good idea.

> Renaming admin-folder

Gave me blank page afterwards, maybe i need to clear the cache or something. Did revert the changes.

> http://yourdomain.com/admin/?key=value'

Looks also like a good solution to me. Compatibility with 3.0.3.8 not listed. Will it wok too?

I will go with one of the suggest solutions.

Thanks!
Tom


Posts

Joined
Mon May 13, 2019 10:44 pm

Post by IP_CAM » Wed Jun 29, 2022 12:54 am

Should work with latest OC v.3.x as well, I assume ... ;)

My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: Baidu [Spider], Semrush [Bot] and 183 guests