The following warnings occurred:
Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.2.25 (Linux)
File Line Function
/global.php(961) : eval()'d code 26 errorHandler->error
/global.php 961 eval
/showthread.php 28 require_once





× This forum is read only. As of July 23, 2019, the UserSpice forums have been closed. To receive support, please join our Discord by clicking here. Thank you!
UserSpice   ›   Support Center   ›   UserSpice 4.3 and Below   ›   Status Update 028 - Progress

  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Status Update 028 - Progress
mudmin
Lead Developer
*******
Joined: Dec 2015
Posts: 2,285

Reputation: 17
#58
10-07-2017, 02:51 PM
Hmm. So I had a thought. Since the user doesn't have to login in order to use the vericode system, someone could basically put whatever they want in the url and DOS attack the system to lock users out. Basically you could keep requesting password resets with random vericodes to get the system to lock out a particular user. That could be bad.

So that leads me to a bigger picture thought. With all this logging, I wonder if we want to create a banned ip list and ban the ip instead of the user. We'd also need a whitelist though because I have a static ip for my company, so if someone just screwed up inside the office, they'd lock out the entire office.

I'm not sure that there's a great way to do this that doesn't cause more harm than good.
  Reply


Messages In This Thread
Status Update 028 - Progress - by mudmin - 09-24-2017, 07:55 PM
Status Update 028 - Progress - by Brandin - 09-24-2017, 09:15 PM
Status Update 028 - Progress - by Brandin - 09-24-2017, 09:17 PM
Status Update 028 - Progress - by mudmin - 09-24-2017, 09:32 PM
Status Update 028 - Progress - by Brandin - 09-24-2017, 09:35 PM
Status Update 028 - Progress - by mudmin - 09-24-2017, 09:38 PM
Status Update 028 - Progress - by Brandin - 09-24-2017, 09:39 PM
Status Update 028 - Progress - by mudmin - 09-24-2017, 09:42 PM
Status Update 028 - Progress - by Brandin - 09-24-2017, 09:49 PM
Status Update 028 - Progress - by mudmin - 09-24-2017, 09:53 PM
Status Update 028 - Progress - by Brandin - 09-25-2017, 09:55 AM
Status Update 028 - Progress - by Brandin - 09-25-2017, 01:45 PM
Status Update 028 - Progress - by mudmin - 09-25-2017, 02:05 PM
Status Update 028 - Progress - by karsen - 09-25-2017, 02:48 PM
Status Update 028 - Progress - by mudmin - 09-25-2017, 02:50 PM
Status Update 028 - Progress - by karsen - 09-25-2017, 02:56 PM
Status Update 028 - Progress - by Brandin - 09-25-2017, 03:47 PM
Status Update 028 - Progress - by karsen - 09-25-2017, 08:20 PM
Status Update 028 - Progress - by Brandin - 09-25-2017, 08:46 PM
Status Update 028 - Progress - by karsen - 09-26-2017, 02:57 PM
Status Update 028 - Progress - by Brandin - 09-26-2017, 05:58 PM
Status Update 028 - Progress - by Brandin - 09-26-2017, 07:48 PM
Status Update 028 - Progress - by Brandin - 09-26-2017, 09:44 PM
Status Update 028 - Progress - by mudmin - 09-27-2017, 11:52 AM
Status Update 028 - Progress - by karsen - 09-29-2017, 06:56 PM
Status Update 028 - Progress - by mudmin - 09-29-2017, 07:51 PM
Status Update 028 - Progress - by mudmin - 09-30-2017, 11:50 AM
Status Update 028 - Progress - by Brandin - 09-30-2017, 03:50 PM
Status Update 028 - Progress - by karsen - 10-02-2017, 06:15 PM
Status Update 028 - Progress - by Brandin - 10-02-2017, 07:50 PM
Status Update 028 - Progress - by mudmin - 10-03-2017, 11:33 AM
Status Update 028 - Progress - by karsen - 10-03-2017, 06:32 PM
Status Update 028 - Progress - by Brandin - 10-03-2017, 06:35 PM
Status Update 028 - Progress - by karsen - 10-03-2017, 06:55 PM
Status Update 028 - Progress - by karsen - 10-03-2017, 09:16 PM
Status Update 028 - Progress - by Brandin - 10-03-2017, 09:28 PM
Status Update 028 - Progress - by Brandin - 10-03-2017, 09:35 PM
Status Update 028 - Progress - by mudmin - 10-04-2017, 11:29 AM
Status Update 028 - Progress - by Brandin - 10-04-2017, 02:58 PM
Status Update 028 - Progress - by Brandin - 10-04-2017, 08:36 PM
Status Update 028 - Progress - by dan - 10-04-2017, 11:39 PM
Status Update 028 - Progress - by dan - 10-04-2017, 11:39 PM
Status Update 028 - Progress - by karsen - 10-05-2017, 02:11 PM
Status Update 028 - Progress - by Brandin - 10-05-2017, 08:08 PM
Status Update 028 - Progress - by karsen - 10-05-2017, 09:12 PM
Status Update 028 - Progress - by mudmin - 10-06-2017, 07:45 PM
Status Update 028 - Progress - by mudmin - 10-07-2017, 11:02 AM
Status Update 028 - Progress - by mudmin - 10-07-2017, 11:37 AM
Status Update 028 - Progress - by Brandin - 10-07-2017, 11:45 AM
Status Update 028 - Progress - by mudmin - 10-07-2017, 12:01 PM
Status Update 028 - Progress - by mudmin - 10-07-2017, 12:05 PM
Status Update 028 - Progress - by Brandin - 10-07-2017, 12:20 PM
Status Update 028 - Progress - by mudmin - 10-07-2017, 01:36 PM
Status Update 028 - Progress - by Brandin - 10-07-2017, 01:57 PM
Status Update 028 - Progress - by mudmin - 10-07-2017, 02:07 PM
Status Update 028 - Progress - by Brandin - 10-07-2017, 02:11 PM
Status Update 028 - Progress - by mudmin - 10-07-2017, 02:39 PM
Status Update 028 - Progress - by mudmin - 10-07-2017, 02:51 PM
Status Update 028 - Progress - by Brandin - 10-07-2017, 03:20 PM
Status Update 028 - Progress - by Brandin - 10-07-2017, 03:22 PM
Status Update 028 - Progress - by mudmin - 10-07-2017, 03:27 PM
Status Update 028 - Progress - by Brandin - 10-07-2017, 03:32 PM
Status Update 028 - Progress - by mudmin - 10-07-2017, 03:40 PM
Status Update 028 - Progress - by mudmin - 10-07-2017, 03:42 PM
Status Update 028 - Progress - by Brandin - 10-07-2017, 04:00 PM
Status Update 028 - Progress - by karsen - 10-07-2017, 05:20 PM
Status Update 028 - Progress - by karsen - 10-07-2017, 07:59 PM
Status Update 028 - Progress - by karsen - 10-07-2017, 08:25 PM
Status Update 028 - Progress - by Brandin - 10-07-2017, 08:50 PM
Status Update 028 - Progress - by Brandin - 10-07-2017, 09:05 PM
Status Update 028 - Progress - by karsen - 10-07-2017, 09:32 PM

Forum Jump:


Users browsing this thread: 19 Guest(s)