Bug #4122
closed
webConfiguratorlockout table is missing expiration
100%
Description
The sshlockout_pf process adds IP addresses that fail too many GUI login attempts to the webConfiguratorlockout table, but that table has no expiration process to clean it up.
The sshlockout table has a cron job to expire its entries:
/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout
A similar entry to clean up webConfiguratorlockout should be added to the default config.xml and added by upgrade code.
Updated by Renato Botelho over 9 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 56c8376a9eabdc59e8f71535c0f3cd871cd776f1.
Updated by Renato Botelho over 9 years ago
Applied in changeset b0885c5a7aa20801d78df77f5124eca766f34723.
Updated by Phillip Davis over 9 years ago
Works - I locked myself out from 1 IP address (after about 15 dodgy password entries). After the following hour boundary (12:00) the IP was still in the webConfiguratorlockout (not yet 3600 seconds old). After the following hour (13:00) the entry was cleared from webConfiguratorlockout table.
Updated by Renato Botelho over 9 years ago
- Status changed from Feedback to Resolved