Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
While we don't have yet clear how the final user interface will look like, I'll be moving the current working parts to Drupal 7 after the code freeze. In any case, something should be considered:
#485974: Improved security: rate limit login attempts.
Part of the functionality of this module has been introduced into flood protection. Although they are not configurable, they may disrupt the module operation, so the settings and validators could be modified a little bit.
Comment | File | Size | Author |
---|---|---|---|
#5 | login_security-d7.patch | 23.84 KB | codeelegance |
#3 | login_security.zip | 24.78 KB | exratione |
Comments
Comment #1
lpalgarvio CreditAttribution: lpalgarvio commentedflood_control provides a admin interface in D7.
http://drupal.org/project/flood_control
some of login_security functionalities are in D7 core.
Comment #2
lpalgarvio CreditAttribution: lpalgarvio commentedComment #3
exratione CreditAttribution: exratione commentedSince I'm both nice and in a hurry, I'm attaching my rough D7 port of Login Security. Works for me on D7.4, with the caveat that I'm (a) using a very narrow set of its features, (b) not porting the test code, and (c) using Flood Control to bump up the D7 built in failed login block so that Login Security can work.
[i.e. if you want Login Security to be kicking people out of the pool on three failed logins, you'll need to use Flood Control to increase the D7 flood control to 4 or higher failed logins, as it will otherwise step in first and cut Login Security out of the picture.]
So there are no doubt some good bugs in there.
Comment #4
AtomicTangerine CreditAttribution: AtomicTangerine commentedsub, love the practicality of this module, will see what I can do about testing thanks!
Comment #5
codeelegance CreditAttribution: codeelegance commentedHere is a D7 Patch I've created:
Comment #6
deekayen CreditAttribution: deekayen commentedcommitted #5. it's at least a good start for a -dev release, even if it's buggy.