You exceeded the maximum allowed number of login attempts

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Scam Warning
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
User avatar
haggisv
Registered User
Posts: 261
Joined: Wed Dec 20, 2006 3:31 am
Location: Adelaide, Australia
Contact:

Re: You exceeded the maximum allowed number of login attempt

Post by haggisv » Thu Jan 06, 2011 7:04 pm

I agree, it's such a waste of bandwidth and resources! It pretty much doubles you hosting requirements, if not more.

User avatar
-ds-
Registered User
Posts: 554
Joined: Wed Sep 14, 2005 7:12 pm

Re: You exceeded the maximum allowed number of login attempt

Post by -ds- » Mon Jan 10, 2011 3:17 pm

After checking my server logs the largest hits (2000+ in 9 days) came from

adsl-dyn-142.95-102-44.t-com.sk

User avatar
patchouly
Registered User
Posts: 74
Joined: Wed Jul 09, 2008 4:26 pm

Re: You exceeded the maximum allowed number of login attempt

Post by patchouly » Mon Jan 10, 2011 7:57 pm

I've been having the same problem. A lot of my members are getting frustrated. It seems like a lot of the attempts are coming from Germany.

Has anyone heard anything more about this or know of any way to stop it?

Pit$Bull
Former Team Member
Posts: 23099
Joined: Sat Dec 02, 2006 4:08 pm
Name: Can't Remember

Re: You exceeded the maximum allowed number of login attempt

Post by Pit$Bull » Mon Jan 10, 2011 8:07 pm

Check the "Log me on automatically each visit" when logging in, they cant cause an issue if you stay logged in.

User avatar
haggisv
Registered User
Posts: 261
Joined: Wed Dec 20, 2006 3:31 am
Location: Adelaide, Australia
Contact:

Re: You exceeded the maximum allowed number of login attempt

Post by haggisv » Tue Jan 11, 2011 12:00 am

I find that my site slows down significantly when these waves of login attemps come in as well.

If I temporarily disable new registrations, will this reduce the load on the server?

Pit$Bull
Former Team Member
Posts: 23099
Joined: Sat Dec 02, 2006 4:08 pm
Name: Can't Remember

Re: You exceeded the maximum allowed number of login attempt

Post by Pit$Bull » Tue Jan 11, 2011 12:04 am

haggisv wrote:If I temporarily disable new registrations, will this reduce the load on the server?
No, they are trying to log in not register.

User avatar
callumacrae
Website Team Member
Website Team Member
Posts: 2662
Joined: Tue Feb 12, 2008 12:28 pm
Location: London, UK
Name: Callum Macrae
Contact:

Re: You exceeded the maximum allowed number of login attempt

Post by callumacrae » Tue Jan 11, 2011 8:51 am

If you're worried about bandwidth, block the offending IPs in your htaccess. Apart from that, make sure you're using a good CAPTCHA and you will be fine.

It might also help to deny newly registered users the permissions to view the memberlist.

~Callum
macr.ae = my website. you probably won't like it.
Proud user ofProud user of

User avatar
daveht
Registered User
Posts: 195
Joined: Mon Jan 05, 2009 9:57 pm
Location: NH USA
Contact:

Re: You exceeded the maximum allowed number of login attempt

Post by daveht » Wed Jan 12, 2011 12:03 am

Pit$Bull wrote:Check the "Log me on automatically each visit" when logging in, they cant cause an issue if you stay logged in.
That didn't work! I am always logged in and it did it to me also today. My members are also complaining about this. Are the powers to be aware of this and are they working on this???

Thanks!
Dave

User avatar
Noxwizard
Support Team Leader
Support Team Leader
Posts: 10216
Joined: Mon Jun 27, 2005 8:41 pm
Location: Texas, USA
Name: Patrick Webster
Contact:

Re: You exceeded the maximum allowed number of login attempt

Post by Noxwizard » Wed Jan 12, 2011 12:16 am

If you're checking the box and getting logged out, that's a different issue. The problem of visiting your board and immediately being presented with a CAPTCHA is a difficult problem. Malicious users are trying to gain access to your account by guessing passwords. In order to make that more difficult, a CAPTCHA is displayed after a certain amount of failed logins. It isn't removed until you successfully log in.
[Support Template] - [Read Before Posting] - [phpBB Knowledge Base]
Do not contact me for private support, please share the question in our forums.

franfj
Registered User
Posts: 5
Joined: Sun Mar 22, 2009 1:27 pm

Re: You exceeded the maximum allowed number of login attempt

Post by franfj » Wed Jan 12, 2011 2:32 pm

In my forum this attacks have stopped after a few days, it seems that a bot was trying to obtain the users password, a lot of attacks come from Tor proxy servers and a few from other proxy servers.

Locked

Return to “[3.0.x] Support Forum”

Who is online

Users browsing this forum: kd0frg and 82 guests

cron