Auth rate limiting: Mailcow UI and correct treatment of v4-mapped addresses

2017-05-25 13:57:50 +02:00
parent 88f94a2e15
commit 1906c26e5d
3 changed files with 10 additions and 0 deletions
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -169,6 +169,11 @@ function check_login($user, $pass) {
 	}
 	elseif (!isset($_SESSION['mailcow_cc_username'])) {
 		$_SESSION['ldelay'] = $_SESSION['ldelay']+0.5;
+		$err = error_reporting(E_ALL);
+		ini_set('display_errors', 'off');
+		trigger_error("Mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR'], E_USER_WARNING);
+		ini_set('display_errors', 'on');
+		error_reporting($err);
 	}
 	sleep($_SESSION['ldelay']);
 }