Foswiki on GitHub is open for business! Next release meeting: Monday September 29, 1300Z

Item9295: Configure does not log failed password attempts

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Normal Closed Engine configure  
Configure doesn't log failed password attempts. This allows unlimited and undetected attacks against configure without any record.

This shouldn't be happening if configure is locked down as recommended, restricted to IP and http authentication. But attempts should still be logged.

-- GeorgeClark - 10 Jul 2010


ItemTemplate edit

Summary Configure does not log failed password attempts
ReportedBy GeorgeClark
SVN Range
AppliesTo Engine
Component configure
Priority Normal
CurrentState Closed
Checkins Foswikirev:8103 Foswikirev:8106
TargetRelease minor
ReleasedIn 1.1.0
Topic revision: r5 - 04 Oct 2010, KennethLavrsen
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License