Open for Voting
over 1 year ago

Blocking IP if non wanted user tries to login on forbidden account

I am loking for a function to block an IP if they are trying to login on a
"forbidden account".

Example, we never log in as ADMINISTRATOR or ROOT, but many other tries this account.

Is it possible to bind an event or simular so that the IP get blocked 30
minutes or simular?

We have the inti-hammering enabled, but the people that do this are
"smart", they only tries once per minute, but on a hole day, it
becomes many tries.

Parents

  • +1

    Currently I'm periodically processing failed login messages on specific loginnames with a powershell script to CSV which I import. The option to have it permanently/temporarily blocked aside from the anti-hammering settings would be very welcome.

Comment

  • +1

    Currently I'm periodically processing failed login messages on specific loginnames with a powershell script to CSV which I import. The option to have it permanently/temporarily blocked aside from the anti-hammering settings would be very welcome.

Children
No Data