AntiBrutePlugin.php

Summary
AntiBrutePlugin.php
AntiBrutePlugindelay + log multiple fail logins
AntiBrutePluginMain AntiBrute plugin class
initializeInitializes the plugin.
onStartCheckPasswordDelay failed login attemptss after the first attempt for up to 5 seconds.
onEndCheckPasswordIncrement attempt count on login failure, and remove failed logins on successful entry.
onPluginVersionModify a versions array to provide the plugin information.

AntiBrutePlugin

delay + log multiple fail logins

postActiv

the micro-blogging software

Copyright

Copyright © 2016-2017, Maiyannah Bishop

Derived from code copyright various sources

  • GNU Social © 2013-2016, Free Software Foundation, Inc
  • StatusNet © 2008-2012, StatusNet, Inc

License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License along with this program.  If not, see http://www.gnu.org/licenses/.

https://www.gnu.org/licenses/agpl.html

About

Plugin that mitigates brute-force attacks by delaying failed login attempts.

PHP version

Tested with PHP 7

File Authors

Web

AntiBrutePlugin

Main AntiBrute plugin class

Summary
initializeInitializes the plugin.
onStartCheckPasswordDelay failed login attemptss after the first attempt for up to 5 seconds.
onEndCheckPasswordIncrement attempt count on login failure, and remove failed logins on successful entry.
onPluginVersionModify a versions array to provide the plugin information.

initialize

public function initialize()

Initializes the plugin.

onStartCheckPassword

public function onStartCheckPassword($nickname,
$password,
&$authenticatedUser)

Delay failed login attemptss after the first attempt for up to 5 seconds.

Parameters

  • string $nickname - email or nickname of the user
  • string $password - password entered
  • User $authenticatedUser - an authenticated user

Returns

  • bool true to continue processing StartCheckPassword

onEndCheckPassword

public function onEndCheckPassword($nickname,
$password,
$authenticatedUser)

Increment attempt count on login failure, and remove failed logins on successful entry.

Parameters

  • string $nickname - nickname or email of user
  • string $password - password entered
  • User $authenticatedUser - an authenticated user

Returns

  • bool true

onPluginVersion

public function onPluginVersion(array &$versions)

Modify a versions array to provide the plugin information.

Parameters

  • array $versions - versions array to modify

Returns

  • bool true
public function initialize()
Initializes the plugin.
public function onStartCheckPassword($nickname,
$password,
&$authenticatedUser)
Delay failed login attemptss after the first attempt for up to 5 seconds.
public function onEndCheckPassword($nickname,
$password,
$authenticatedUser)
Increment attempt count on login failure, and remove failed logins on successful entry.
public function onPluginVersion(array &$versions)
Modify a versions array to provide the plugin information.