We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

Get started
Google+

vulnerable to brut force attack | Forum

Topic location: Forum home » Support » General Questions
Marcus
Marcus Jun 27 '20
hi folks login portion is vulnerable to brut force attack since it doesnt block u after x amount of failed attempts. 
#1
dave Leader
dave Jun 27 '20
There is a plugin that does this..  actually there are a few
#2
Marcus
Marcus Jun 27 '20
thanks brother why would they leave a gap in security. also admin portion of the site should only be acced by authorized users only else 404 as this is the area id attack first lol. 
#3
dave Leader
dave Jun 27 '20

admin area does check for $isAdmin i believe is the name, if you are not admin the link and icon for admin wont show on the page dropdown


To answer your question, yes it does need to be updated but most DDoS attacks are handled server side by the host in most cases. But yes the login needs to be updated.

The Forum post is edited by dave Jun 27 '20
#4
Marcus
Marcus Jun 27 '20
appreciate it dave. 
#5
Marcus
Marcus Jun 27 '20
pls send me one
#6
Marcus
Marcus Jun 27 '20
thanks Chris 
#7
Patrick Reed
Patrick Reed Aug 15 '20

Quote from Chris_W I think the free Antibruteforce plugin has been removed from the store. I have a copy if anyone needs it.
I would like to have a copy if possible please. Thank you.
#8
Glor
Glor Aug 15 '20
Hi Chris and Marcus, Kindly send me one. I need one badly.
#9
Sumate
Sumate Aug 15 '20

You can download it from here.



Zip file attachment removed by moderator.

The Forum post is edited by dave Aug 16 '20
#10
dave Leader
dave Aug 16 '20

Please understand that any paid plugin that is shared in this fashion is not supported at all from oxwall or the oxwall store. 


I have removed the plugin attachment  in the previous post.


We prohibit sharing of such plugins in this way because it bypasses the reason why it was taken down in the first place, it can also be very dangerous and finally it violates license rules. Paid plugins regardless of status (active, removed, suspended) must still hold true to the develoers rights to the code and to the license. 


We just went through something similar with someone else using a paid plugin that did not purchase it, and that developer was upset and they had a right to be upset.  The same rule applies to everyone, dont be sharing paid plugins regardless of status.  


What you all do in your private communications is your business but do not share paid plugins on oxwall platform in this way.


That means that you are on your own, if it breaks, if it messes up your website, if it crashes your DB.  Do not ask us to fix the plugin or the damage it does to your website, here on the public forum. 

The Forum post is edited by dave Aug 16 '20
#11
Patricia Zorrilla Leader
Patricia Zorrilla Aug 16 '20

I think the users don't value enough the damage they do 

sharing software illegally.

Then they complain that the developers are leaving, that there are no new plugins, that they disappear from the store and so on.

It's outrageous, and also publicly without any shame.


First, recommending plugins that no longer exist

Second, send the copyrighted code to anyone who needs it.

Then comes the step:

- "asks me for my license number"

And the answer:

- "you have to change this and that in these files"


And then the moderator appears, deletes the file and says that publicly no but privately it's okay.


Even SkaDate does it (see https://developers.oxwall.com/forum/topic/67140 )


I don't get it. This way, we won't move forward.

#12
dave Leader
dave Aug 16 '20

I did not intend to indicate that it was ever ok.  My point was that i only have control over oxwall environment, i do not have control over their personal communication so i cannot control that.   I guess i should have just said flat out.... never share paid plugins in any environment...



#13
mccarty torres
mccarty torres Apr 28 '22
I value the information you provide here. What are your thoughts on sports games that are replicated in online games? Here I will share with you basketball stars, a popular sports game in which you may participate and play with your friends.
#14
Jazmin
Jazmin May 7
Grab your favorite summer dresses for ladies in Pakistan. Jazmin presents an incredible collection of summer with remarkable designs and patterns, which make you attractive and gorgeous. Get your favorite dress online today!
#15
Adoro
Adoro May 7
Step into individuality with Adoro's uniquely crafted ladies handbags. From bold avant-garde to timeless elegance, our collection celebrates diversity, adorned with the Adoro touch. Elevate your style game.
#16
ecs shop
ecs shop May 7
ECS offers the best Ladies Shoes Online in Pakistan. Discover the best pair of shoes for women like heels, slippers, sandals, khussa, and many more online at ECS. Order your favorite ladies shoes online at reasonable prices.
#17
Ammara khan
Ammara khan May 8
Discover Ammara Khan's stylish ladies shirt! From classic button-downs to trendy blouses, our collection offers versatile options for every occasion. Elevate your wardrobe with our latest designs, crafted with quality fabrics and attention to detail. Explore now and find the perfect shirt to express your unique style!
#18
Start | Demo | About | Policies & Licenses | Blog | Contact Us | Oxwall Foundation | Roadmap | Developer Central | Oxwall hosting | Contribute | Partners | Donation | Community software | Dating software
© Copyright Oxwall Software
Oxwall Community Software