• Resolved phil1984

    (@phil1984)


    While testing this plugin, I was impressed with the number of configuration options. However, I can’t get the basic lockout functionality to work.

    I have whitelisted my home IP so I am trying to “hack” in with my mobile phone. Every failed attempt makes the counter decrease down to 1, but then it constantly says “You have only one attempt remaining”. So I can still make an infinite number of password attempts without getting my IP banned. I am using a constant username “hack” which does not exist. The list of failed attempts does display in the Activity Log, but still no Lockout.

    Have I set it up wrong?

    https://wordpress.org/plugins/wp-cerber/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author gioni

    (@gioni)

    Hi! Send me, please, a screenshot of the Main Settings tab.

    Thread Starter phil1984

    (@phil1984)

    Options JSON:

    {"attempts":10,"period":60,"lockout":60,"agperiod":999,"aglocks":3,"aglast":48,"notify":"1","above":"5","subnet":"1","nonusers":"1","loginpath":"","cilimit":200,"ciperiod":5,"ciduration":60,"cinotify":"1","email":"","keeplog":"90","usefile":"1","stopenum":1,"xmlrpc":1,"ping":0,"nofeeds":0}

    For Reference:

    Attempts: 10 allowed retries in 60 minutes
    Lockout duration: 60 minutes
    Aggressive lockout: Increase lockout duration to 999 hours after 3 lockouts in the last 48 hours
    Yes (checked): Notify admin if the number of active lockouts above 5
    No (Unchecked): My site is behind a reverse proxy

    Block subnet: YES
    Non-existent users: YES
    Redirect dashboard requests: NO
    Request wp-login.php: NO

    Custom Login URL: <EMPTY>
    Disable wp-login.php: NO

    Citadel Threshold: Enable after 200 failed login attempts in last 5 minutes
    Duration: 60 minutes
    Notifications: YES

    Notification Email Address: <EMPTY>

    Keep records for: 90 days
    Use file: YES

    Thread Starter phil1984

    (@phil1984)

    Hi Gioni,

    I have just found this line in my logs hidden away in my /var/log/messages file. It seems to be killing PHP execution at a crucial point.

    Feb 26 09:22:10 php1 suhosin[18954]: ALERT - function within blacklist called: openlog() (attacker 'xx.xx.xx.xx', file '/xxxxxxx/public_html/wp-content/plugins/wp-cerber/wp-cerber.php', line 391)

    I wrongly assumed it was a problem with your plugin. Sorry for the false alarm.

    Plugin Author gioni

    (@gioni)

    Hi!

    Good news. Do not check Use file if you are not using fail2ban.


The topic ‘Cerber never locks anyone out’ is closed to new replies.
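
Added example, not part of the thread or of the plugin's code: a Python parser for the Suhosin alert format quoted above that reports which WordPress plugin had which function call blocked, so a security control that is silently interrupted shows up in log review. The sample log lines, the address 203.0.113.7 and the /home/example path are constructed for illustration.

```python
import re
from collections import defaultdict

# Suhosin syslog alert as quoted in the thread. ASCII and typographic
# quotes/dashes are both accepted, since forum software rewrites them.
ALERT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssuhosin\[\d+\]:\s"
    r"ALERT\s[-\u2013]\sfunction within blacklist called:\s(?P<func>\w+)\(\)\s"
    r"\(attacker\s['\u2018](?P<ip>[^'\u2019]*)['\u2019],\s"
    r"file\s['\u2018](?P<file>[^'\u2019]*)['\u2019],\sline\s(?P<line>\d+)\)"
)
PLUGIN_RE = re.compile(r"/wp-content/plugins/(?P<slug>[^/]+)/")


def parse_alert(line):
    """Return a dict for a Suhosin blacklist alert, or None for other lines."""
    m = ALERT_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["line"] = int(rec["line"])
    slug = PLUGIN_RE.search(rec["file"])
    rec["plugin"] = slug.group("slug") if slug else None
    return rec


def blocked_calls_by_plugin(lines):
    """Count blocked calls per plugin, keyed by (function, source line)."""
    summary = defaultdict(lambda: defaultdict(int))
    for line in lines:
        rec = parse_alert(line)
        if rec and rec["plugin"]:
            summary[rec["plugin"]][(rec["func"], rec["line"])] += 1
    return {plugin: dict(calls) for plugin, calls in summary.items()}


# Constructed sample input modelled on the line posted in the thread.
_PATH = "/home/example/public_html/wp-content/plugins/wp-cerber/wp-cerber.php"
SAMPLE_LOG = [
    "Feb 26 09:22:10 php1 suhosin[18954]: ALERT - function within blacklist "
    f"called: openlog() (attacker '203.0.113.7', file '{_PATH}', line 391)",
    "Feb 26 09:22:41 php1 sshd[2101]: Accepted publickey for deploy",
    "Feb 26 09:23:02 php1 suhosin[18960]: ALERT \u2013 function within blacklist "
    f"called: openlog() (attacker \u2018203.0.113.7\u2019, file \u2018{_PATH}\u2019, line 391)",
]

if __name__ == "__main__":
    for plugin, calls in blocked_calls_by_plugin(SAMPLE_LOG).items():
        for (func, src_line), count in calls.items():
            print(f"{plugin}: {func}() blocked {count}x at line {src_line}")
```
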