Too Many Failed Login Attempts Detected

[hpno]

Having a client forgetting his password. So now, even I reseted password for him, he still cannot login. The error is "Too many failed login attempts detected."

 

Any where in Blesta that I can "unlocked" his account / IP / or something else for him to log in?

 

Thanks.

[Michael]

  On 10/1/2015 at 1:42 PM, phamhung said:

Having a client forgetting his password. So now, even I reseted password for him, he still cannot login. The error is "Too many failed login attempts detected."

 

Any where in Blesta that I can "unlocked" his account / IP / or something else for him to log in?

 

Thanks.

Don't believe so, just tell them to not to log in for about half an hour else it resets the limit for another 30 minutes.

[hpno]

30 minutes? That is something you guess, or a setting somewhere?

 

Another question: any security filter in Blesta allowing blocks users by their IP or email address? (With your answer above, I guess it's not existing in Blesta yet, still want to ask!)

 

Thanks.

[Michael]

  On 10/1/2015 at 3:08 PM, phamhung said:

30 minutes? That is something you guess, or a setting somewhere?

 

Another question: any security filter in Blesta allowing blocks users by their IP or email address? (With your answer above, I guess it's not existing in Blesta yet, still want to ask!)

 

Thanks.

 

A guess, but most places do 15-30minutes

[Paul]

I believe it's 10 minutes, and I thought there was a setting in the config for it. However, there is a setting in the config for max failed attempts. Look in /config/blesta.php for..

 

Configure::set("Blesta.max_failed_login_attempts", 10);

 

Change the value of 10 to say 100. I believe they will be able to login. Then, change it back to 10 or a suitable number.