Captcha for login page? Captcha for login page?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Captcha for login page?

Started by H4F, April 27, 2020, 04:16:53 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

H4F

April 27, 2020, 04:16:53 AM
Hi,

Default option is captcha for comments or new registration, but not for login page. I know there is an anti-ddos protection by limiting the amount of tries to 5. But in my case, as I run a host dedicated mostly to fansites, I have more than +700 sites with Coppermine on a single server. And we have noticed that from time to time there are DDOS attacks to Coppermine's login.php. Of course, under normal circumstances a servers doesn't have as many Coppermine installations as we have, but sometimes it is really frustrating as we can see most requests go to login.php.

Not to mention that the default limit for the anti-DDOS is 5, to change it we would have to ask our hostess to change it manually and in future installations as well, with a Captcha it would filter the ddos attacks easily.

H4F

#1
April 27, 2020, 04:18:59 AM
Would also like to note that we have also added a mod_security rule to change it to 3 times instead of 5, but a captcha would be more helpful and would impact less on servers performance
Print
Go Up Pages1
User actions