Brute Force Protection in CSF for IMAP, POP3, and SMTP is a support nightmare. Here are a few scenarios:
1. A user inputs an incorrect password in an email app on a device. The app quickly exceeds the login failure threshold and the user's IP address is locked out of the server, even though the app is trying the same password over and over.
2. A user changes their email password and enters the new correct password in an app on their phone, but they forget to update it in an app on their computer. The app on the computer quickly exceeds the login failure threshold and the user's IP address is locked out of the server, so even their phone with the correct password cannot log in.
3. In a multi-user office, if one user experiences one of the problems above, the entire office is locked out.
Trying to figure out which user/device/app is at fault can result in considerable support time.
Brute Force Protection in cPHulk does not appear to have this problem. It only locks out IP addresses if different incorrect username/password combinations are attempted. Only the app with the incorrect password is unable to log in. Other users and apps at the IP address are unaffected.
Is there a way to configure CSF to ignore repeated login failures if the same username/password combination is used over and over? It would only appear to be a security issue if a hacker is attempting different passwords.
Brute Force Protection in CSF v.s. cPHulk
-
- Junior Member
- Posts: 1
- Joined: 29 Sep 2020, 10:36