Hi @oldjim3,
This is basically already build in (assuming I correctly understand your question). Let me explain.
The brute force module of the plugin distinguishes between (temporary) lockouts and (permanent) bans. By default an IP is banned after 3 lockouts (note this used to be configurable as the BAN THRESHOLD setting in Global Settings) within 7 days (which is still configurable as the DAYS TO REMEMBER LOCKOUTS setting in Global Settings).
So if the UI would still allow you to configure the BAN THRESHOLD setting in Global Settings, changing the default value of 3 to 1 would automatically convert any temporary lockout into a permanent ban.
@shanedelierrr
The current UI seems to be missing the BAN THRESHOLD setting in the Global Settings!? I can see in the Debug page the setting still exists as blacklist_count for the global module. Bug?
-
This reply was modified 4 months, 3 weeks ago by nlpro.
-
This reply was modified 4 months, 3 weeks ago by nlpro.
Hi @oldjim3,
Turns out the BAN THRESHOLD setting only shows up after enabling the Ban Repeat Offender setting (totally missed that yesterday). So try and change the value of the BAN THRESHOLD setting from 3 to 1 and let me know whether this works for you 😉
-
This reply was modified 4 months, 2 weeks ago by nlpro.
@shanedelierrr,
Just like the display of the BAN THRESHOLD setting is based on the value of the Ban Repeat Offender setting shouldn’t this also apply for the DAYS TO REMEMBER LOCKOUTS setting? Both of these settings are exclusively tied to the IP banning feature. Also a chance to streamline the names and labels of these settings eg:
V Ban Repeat Offender
Permanently add a locked-out IP address to the “Ban Users” list after reaching the configured “BAN THRESHOLD” within the configured “BAN THRESHOLD PERIOD” timeframe.
BAN THRESHOLD
3
The number of lockouts Solid Security must remember before permanently banning the attacker.
BAN THRESHOLD PERIOD
7
The number of days Solid Security must remember lockouts before permanently banning the attacker. This does not affect the logs generated when creating a lockout.
Hi @oldjim3, as @nlpro mentioned, the “Ban Threshold” setting in Global Settings (make sure to check “Ban Repeat Offender” to see the setting) would help you achieve your goal of setting more permanent lockouts than usual.
@nlpro thank you for sharing your thoughts on possibly streamlining the Lockouts settings in Global Settings. I’ll share this with the team and will let you know their feedback as soon as I can!
@shanedelierrr,
Thank you for letting me know. Appreciate it.
Just to add to my case, the key names used for these 3 settings are:
blacklist (Ban Repeat Offender)
blacklist_count (BAN THRESHOLD)
blacklist_period (DAYS TO REMEMBER LOCKOUTS)
Again confirmation these are one group of related settings 😉
Hi @shanedelierrr,
I was wondering whether you received any feedback from the Dev team regarding my suggestion?
Hi @nlpro, thanks for pinging me on this!
Our team is already aware of your feedback and will be considering it, although I don’t have a confirmation yet if it will be implemented.
For now, we’ve added it to our public Ideas board here; this way, other users can upvote/comment on this request. Please feel free to add your thoughts there, too.
Thank you for helping us improve Solid Security.