Block IP address on exceeding backend login attemps - General Discussions - General Discussions - Progress Community
 General Discussions

Block IP address on exceeding backend login attemps

  • Block IP address on exceeding backend login attemps
  • In security implementation perspective we need to secure Sitefinity backend which requires following implementation.

    • Place a restrictions to block each IP which exceed the number of login from 3-5.
    • Need to check if the user is already logged in and from which IP they are accessing the logged in section. If  the same IP is accessing the Login form for 5 user then it should block any other user from the same IP to login to coordinator section.

     

    Seems some custom provider implementation is required. but not sure how.

     

    Thanks,

  • Hi,

    You can find information about building a custom provider on http://docs.sitefinity.com/tutorial-create-a-custom-membership-provider

    Now, be aware that filtering by IP address is not always a foolproof way to blacklist a potential attacker depending of your network topology. In particular, an attacker could use the same external IP address as other legitimate users (if accessing your website from the same external company, same public wifi, etc.)

    Regards,
    Sitefinity Laurent
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items