NOTE: If you are a developer, please use a private wiki based on foswiki/trunk on a daily base ...or use trunk.foswiki.org to view this page for some minimal testing.
Use Item9693 for docu changes for 1.2 and 2.0.
You are here: Foswiki>Tasks Web>Item9295 (04 Oct 2010, KennethLavrsen) Edit this topic text (e) Attach an image or document to this topic; manage existing attachments (a) View sequential topic history View without formatting (v) Create new topic Printable version of this topic (p) More: delete or rename this topic; set parent topic; view and compare revisions (m)

Item9295: Configure does not log failed password attempts

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Normal Closed Engine configure  
Configure doesn't log failed password attempts. This allows unlimited and undetected attacks against configure without any record.

This shouldn't be happening if configure is locked down as recommended, restricted to IP and http authentication. But attempts should still be logged.

-- GeorgeClark - 10 Jul 2010

 

ItemTemplate edit

Summary Configure does not log failed password attempts
ReportedBy GeorgeClark
Codebase
SVN Range
AppliesTo Engine
Component configure
Priority Normal
CurrentState Closed
WaitingFor
Checkins Foswikirev:8103 Foswikirev:8106
TargetRelease minor
ReleasedIn 1.1.0
Edit | Attach | Print version | History: r5 < r4 < r3 < r2 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r5 - 04 Oct 2010, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons LicenseGet Foswiki at sourceforge.net. Fast, secure and Free Open Source software downloads