Vicidial Logs failed login attempts

All installation and configuration problems and questions

Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N

Vicidial Logs failed login attempts

Postby striker » Fri Oct 01, 2021 12:09 am

Hi
where can i find the logs of failed attempts for vicidial admin ,agent, api logins...
www.striker24x7.com www.youtube.com/c/striker24x7 Telegram/skype id : striker24x7
striker
 
Posts: 962
Joined: Sun Jun 06, 2010 10:25 am

Re: Vicidial Logs failed login attempts

Postby mflorell » Fri Oct 01, 2021 6:30 am

There is no full log of failed logins by default currently because that is actually a crash risk. We had one client who was receiving 1,000,000+ login attempts per hour and in a couple days the log file containing the failed attempts filled their hard drive and crashed their database.

What we have instead is a count of the most recent failed login attempts and the IP address that the last attempt as made from. This data is in the vicidial_users table, in the following fields:
failed_login_count, last_login_date, last_ip

The "failed_login_count" field is reset to 0 every 15 minutes, but after 10 failed login attempts the account cannot be logged into until the count is reset again.
mflorell
Site Admin
 
Posts: 18335
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida

Re: Vicidial Logs failed login attempts

Postby carpenox » Fri Oct 01, 2021 6:33 am

Is there a ready made report for this?
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: Vicidial Logs failed login attempts

Postby mflorell » Sat Oct 02, 2021 6:31 am

There is currently no report for this.
mflorell
Site Admin
 
Posts: 18335
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida

Re: Vicidial Logs failed login attempts

Postby striker » Sat Oct 02, 2021 12:04 pm

thanks @mflorell

i found the Admin failed login attempts response with 401 error code and getting logs in ssl_access_log with client ip.

but the api and agents gives 200 ok for failed attempts
and also i noticed the agent api response shows the sql query ,as show below is the normal ?

ERROR: Invalid Username/Password: |6666|1234|0|0|BAD|0|api|SELECT count(*) from vicidial_users where user='6666' and pass='1234' and user_level > 0 and active='Y' and ( (failed_login_count < 10) or (UNIX_TIMESTAMP(last_login_date) < 1633192948) );|


trunk version.
VERSION: 2.14-829a
BUILD: 210911-1958
www.striker24x7.com www.youtube.com/c/striker24x7 Telegram/skype id : striker24x7
striker
 
Posts: 962
Joined: Sun Jun 06, 2010 10:25 am

Re: Vicidial Logs failed login attempts

Postby mflorell » Sat Oct 02, 2021 2:20 pm

Yes, the admin.php script uses HTTP auth, while the APIs uses variables to do auth(and also allow non-auth responses) so this is working as intended.
mflorell
Site Admin
 
Posts: 18335
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida


Return to Support

Who is online

Users browsing this forum: No registered users and 88 guests