Block IP address on exceeding backend login attemps

Posted by Community Admin on 03-Aug-2018 10:52

Block IP address on exceeding backend login attemps

All Replies

Posted by Community Admin on 27-Mar-2015 00:00

In security implementation perspective we need to secure Sitefinity backend which requires following implementation.

  • Place a restrictions to block each IP which exceed the number of login from 3-5.
  • Need to check if the user is already logged in and from which IP they are accessing the logged in section. If  the same IP is accessing the Login form for 5 user then it should block any other user from the same IP to login to coordinator section.

 

Seems some custom provider implementation is required. but not sure how.

 

Thanks,

Posted by Community Admin on 01-Apr-2015 00:00

Hi,

You can find information about building a custom provider on http://docs.sitefinity.com/tutorial-create-a-custom-membership-provider

Now, be aware that filtering by IP address is not always a foolproof way to blacklist a potential attacker depending of your network topology. In particular, an attacker could use the same external IP address as other legitimate users (if accessing your website from the same external company, same public wifi, etc.)

Regards,
Sitefinity Laurent
Telerik

 
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
 

This thread is closed