Merge pull request #313 from mkuron/fail2ban

Authentication rate limiting for Mailcow UI
2017-05-25 15:52:15 +02:00
parent 8c73b8eb5f de8ec199fa
commit 4f2a1d940c
3 changed files with 6 additions and 0 deletions
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -169,6 +169,7 @@ function check_login($user, $pass) {
 	}
 	elseif (!isset($_SESSION['mailcow_cc_username'])) {
 		$_SESSION['ldelay'] = $_SESSION['ldelay']+0.5;
+		error_log("Mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR']);
 	}
 	sleep($_SESSION['ldelay']);
 }