/b/ - Boson Technology

Also known as Boson /g/


File:1599680017788.png (17.44 KB,753x401)


I thought I should let you know your login page could use a security update. I don't feel like spending the day or so of time brute forcing my way in, but someone else might.


the hacker known as 4chan has arrived


it's been suggested a few hours ago and I think that's the way people break in on other vichan sites. The team has passwords that get the pass on https://howsecureismypassword.net/ and my server login is unique to kissu only.


also, worth putting this into practice for the captchas too


wtf happened to the thumbnail


The following steps add a max post counter to thwart low effort brute force attacks on passwords.
It has an anti-lockout mechanism by remembering a mod's login IP so you shouldn't get locked out of your account in many common scenarios.
Unless a cracker is on an IP you've used before this will prevent them from using proxy farms to bruteforce.

1) create modlogins table (this will be entered into on an unsuccessful password attempt):
CREATE TABLE modlogins(name VARCHAR(255), ip VARCHAR(255) NOT NULL, attempt_unix INTEGER(11), success INTEGER(1));

(backup before replacing)
2) Replace mod_login in inc/mod/pages.php
3) Replace login in inc/mod/auth.php

4) in config.php add:
$config["max_login_attempts_refresh_time"] = 60 * 60; // 1 hour
$config["max_login_attempts"] = 10;
$config["error"]["max_logins_reached"] = "You have reached the maximum number of login attempts.";
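
A sketch of the check those steps describe, as an added example that is not part of the original post and not the contents of the attached zip. The table columns and config keys are the ones given above; the function names login_allowed and record_attempt, the exact rule (remembered IPs exempt, failures counted per account across all IPs), the in-memory SQLite database and the sample IPs are assumptions made for illustration.

```php
<?php
// Added illustration; not the code from the attachment.
// Config keys and table columns are the ones given in the post.
$config = [
    "max_login_attempts_refresh_time" => 60 * 60, // 1 hour
    "max_login_attempts" => 10,
];

// Assumed rule: an IP with a past successful login for this account is never
// locked out; any other IP is refused once the account has too many recent
// failures, counted across all IPs so rotating proxies does not reset it.
function login_allowed(PDO $db, array $config, string $name, string $ip, int $now): bool {
    $known = $db->prepare('SELECT COUNT(*) FROM modlogins WHERE name = ? AND ip = ? AND success = 1');
    $known->execute([$name, $ip]);
    if ((int)$known->fetchColumn() > 0) {
        return true;
    }
    $failed = $db->prepare('SELECT COUNT(*) FROM modlogins WHERE name = ? AND success = 0 AND attempt_unix > ?');
    $failed->execute([$name, $now - $config["max_login_attempts_refresh_time"]]);
    return (int)$failed->fetchColumn() < $config["max_login_attempts"];
}

// Hypothetical helper: log every attempt, successful or not.
function record_attempt(PDO $db, string $name, string $ip, int $now, bool $success): void {
    $db->prepare('INSERT INTO modlogins (name, ip, attempt_unix, success) VALUES (?, ?, ?, ?)')
       ->execute([$name, $ip, $now, $success ? 1 : 0]);
}

// Constructed demo data: in-memory SQLite stands in for the board's database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE modlogins(name VARCHAR(255), ip VARCHAR(255) NOT NULL, attempt_unix INTEGER, success INTEGER)');

$now = 1600000000;
record_attempt($db, 'mod', '198.51.100.7', $now - 86400, true); // mod's usual IP
for ($i = 0; $i < 10; $i++) {                                   // failed guesses from rotating IPs
    record_attempt($db, 'mod', "203.0.113.$i", $now - 60 + $i, false);
}

var_dump(login_allowed($db, $config, 'mod', '203.0.113.99', $now));        // new IP, cap reached
var_dump(login_allowed($db, $config, 'mod', '198.51.100.7', $now));        // remembered IP
var_dump(login_allowed($db, $config, 'mod', '203.0.113.99', $now + 3601)); // refresh window expired
```

Under this rule a remembered IP is never capped, so the counter only limits guessing from addresses the account has not logged in from before.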




Why replace?


File:bruteforce-saftei.zip (23.95 KB)

because it modifies behaviour of the login routine
