You are here: Foswiki>Tasks Web>Item9295 (04 Oct 2010, KennethLavrsen)Edit Attach

Item9295: Configure does not log failed password attempts

pencil
Priority: Normal
Current State: Closed
Released In: 1.1.0
Target Release: minor
Applies To: Engine
Component: configure
Branches:
Reported By: GeorgeClark
Waiting For:
Last Change By: KennethLavrsen
Configure doesn't log failed password attempts. This allows unlimited and undetected attacks against configure without any record.

This shouldn't be happening if configure is locked down as recommended, restricted to IP and http authentication. But attempts should still be logged.

-- GeorgeClark - 10 Jul 2010

 

ItemTemplate edit

Summary Configure does not log failed password attempts
ReportedBy GeorgeClark
Codebase
SVN Range
AppliesTo Engine
Component configure
Priority Normal
CurrentState Closed
WaitingFor
Checkins distro:67e249235f0e distro:28831d974512
TargetRelease minor
ReleasedIn 1.1.0
Edit  | Attach | Print version | History: r5 < r4 < r3 < r2 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r5 - 04 Oct 2010, KennethLavrsen
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy