Introducing Quests: Tailored gamification & bridging in-person events with your community Mike Gitkos Friday at 12:39 PM1 day
Posted August 28, 20186 yr hello, I am facing every time a problem people run some bot to crack my users username:pass they run like a bot who try to log in, like now I am facing more than 7 thousand guests all from the different IPs try to login...how I stop this when no recaptcha available on login screen...! what I do else only I have one option to turn off my website right now and wait for the bot to stop..! I don't want to use third-party plugins and pay for them, why u don't put this built in if some one wants to put recaptcha on login screen he has an option please think about this
August 29, 20186 yr It should lock the account after 3 failed attempts unless you have disabled that feature?
August 29, 20186 yr Author they din't try one user:pass many time. they upload one big user:pass combo and try to find any successfull hit..! my website like not working from yesterday.. because some one run the config on my website right now 6 thousand guest trying to login..! what i do now?? the support team tell me this problem didn't resolve even if i turn off the community because they still have to login option..! check this all guest from diffrent ips...! so i don't even ban the proxy http://prntscr.com/ko2tvl
August 29, 20186 yr Adding CAPTCHA to the login screen may (possibly) prevent any logins from working, but wouldn't prevent the actual behavior/activity going on. A script could still flood you with thousands of requests. This is known as a DDOS, and is something better mitigated by the webhost than the software.
August 29, 20186 yr There was a plugin/hook to add this at one point although a cursory search did not show anything for the latest IPS4.3 series. Having said that it should not be too difficult for a third party coder to write something to add this functionality but I agree with BFarber it sounds more like a DDOS so the Captcha may not really assist that much.
August 30, 20186 yr Author ya i install the plugin- but still 9 to 10 thousand guest try to login at the same time...!
August 30, 20186 yr 3 hours ago, Howard L Martinez said: ya i install the plugin- but still 9 to 10 thousand guest try to login at the same time...! 23 hours ago, bfarber said: Adding CAPTCHA to the login screen may (possibly) prevent any logins from working, but wouldn't prevent the actual behavior/activity going on. A script could still flood you with thousands of requests. This is known as a DDOS, and is something better mitigated by the webhost than the software.
Archived
This topic is now archived and is closed to further replies.