Is it by design that UID 1 cannot be hard blocked regardless of failed login attempts? While this seems the most likely account for an attempted hack, it would also leave a site vulnerable to being crippled by a few malicious (or accidental) failed logins if this were the only privileged user of a site.

Attached file (comment #3): 1858092-3.patch, 654 bytes, by divyansh

Comments

deekayen

Version: 6.x-1.1 » 7.x-1.x-dev

Bumping version.

shrop

I am not sure of the best approach here, but it does seem standard for systems to block any account. Ex: host deny systems for unix firewalls. Would it be possible to add documentation to explain all users can be hard blocked, recommend having alternative admin accounts (as you should anyway), and instructions to unblock via direct database manipulation if all else fails?

divyansh

Version: 7.x-1.x-dev » 2.0.1
Issue summary: View changes
Status: Active » Needs review
File size: 654 bytes

Hi,
I was having the same issue, so I have created this patch.