6.0.0-alpha12
6/12/25

[#12456] Logging of failed login attempts
Summary Logging of failed login attempts
Queue Synchronization
Queue Version Git master
Type Enhancement
State Resolved
Priority 1. Low
Owners mrubinsk (at) horde (dot) org
Requester mdop (at) seznam (dot) cz
Created 07/13/2013 (4352 days ago)
Due
Updated 07/15/2013 (4350 days ago)
Assigned
Resolved 07/15/2013 (4350 days ago)
Milestone
Patch No

History
07/15/2013 08:19:27 PM Michael Rubinsky Assigned to Michael Rubinsky
State ⇒ Resolved
 
07/15/2013 08:18:49 PM Git Commit Comment #2 Reply to this comment
Changes have been made in Git (master):

commit 6768d1906b750c7a36d7f4090a47a71f5e51adcc
Author: Michael J Rubinsky <mrubinsk@horde.org>
Date:   Mon Jul 15 15:41:55 2013 -0400

     Bug: 12456 Log failed login attempts from ActiveSync clients.

  .../Core/lib/Horde/Core/ActiveSync/Driver.php      |    1 +
  1 files changed, 1 insertions(+), 0 deletions(-)

http://git.horde.org/horde-git/-/commit/6768d1906b750c7a36d7f4090a47a71f5e51adcc
07/13/2013 08:10:32 PM mdop (at) seznam (dot) cz Comment #1
Priority ⇒ 1. Low
Patch ⇒ No
Milestone ⇒
Queue ⇒ Synchronization
Summary ⇒ Logging of failed login attempts
Type ⇒ Enhancement
State ⇒ New
Reply to this comment
Login attempts to Horde through web interface are visible in Error log:

2013-07-13T14:32:39+00:00 DEBUG: HORDE [horde] SQL  (0.0003s)
        SELECT * FROM horde_users WHERE user_uid = 'caligula' [pid 1693 on 
line 558 of "/usr/share/pear/Horde/Db/Adapter/Base.php"]
2013-07-13T14:32:39+00:00 ERR: HORDE [horde] FAILED LOGIN for caligula 
[89.24.16.160] to Horde [pid 1693 on line 199 of 
"/var/www/html/horde/login.php"]

However logins through ActiveSync (and possibly SyncMl as well - not 
checked) are not in Error log:

2013-07-13T14:36:57+00:00 DEBUG: HORDE [horde] SQL  (0.0004s)
        SELECT * FROM horde_users WHERE user_uid = 'caligula' [pid 1971 on 
line 558 of "/usr/share/pear/Horde/Db/Adapter/Base.php"]

It would be useful to have similar error output (which includes user's 
address) so admins can monitor/limit access using tools like fail2ban.

Saved Queries