Author Topic: how to block user ip if tried x attempts login failed in Roundcube (Read 33 times)

diogo-plta · « **on:** October 15, 2024, 11:57:09 PM »

I didn't find any specific option about Roundcube in CSF.

Is there any possibility to block user ip if more than 3 failed login attempts in Roundcube? using CSF or some other mechanism?

Roundcube login looks very vulnerable.

cyberspace · « **Reply #1 on:** **Today** at 08:09:58 AM »

Try to set the option:

Code: [Select]

$config['log_logins']in:
/usr/local/cwpsrv/var/services/roundcube/config/defaults.inc.php
to "true" then edit the file /etc/csf/csf.conf and change:

Code: [Select]

CUSTOM3_LOG = "/var/log/customlog"to

Code: [Select]

CUSTOM3_LOG = "/usr/local/cwpsrv/var/services/roundcube/logs/userlogins.log"Restart CSF and see if it blocks IP if the IP generates too many failed login attempts.

Additionally I recommend you to add your own IP to the whitelist before you perform any tests.

Control Web Panel

Author Topic: how to block user ip if tried x attempts login failed in Roundcube (Read 33 times)

how to block user ip if tried x attempts login failed in Roundcube

Re: how to block user ip if tried x attempts login failed in Roundcube