All installation and configuration problems and questions
Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N
by striker » Fri Oct 01, 2021 12:09 am
Hi
where can i find the logs of failed attempts for vicidial admin ,agent, api logins...
www.striker24x7.com www.youtube.com/c/striker24x7 Telegram/skype id : striker24x7
-
striker
-
- Posts: 962
- Joined: Sun Jun 06, 2010 10:25 am
-
by mflorell » Fri Oct 01, 2021 6:30 am
There is no full log of failed logins by default currently because that is actually a crash risk. We had one client who was receiving 1,000,000+ login attempts per hour and in a couple days the log file containing the failed attempts filled their hard drive and crashed their database.
What we have instead is a count of the most recent failed login attempts and the IP address that the last attempt as made from. This data is in the vicidial_users table, in the following fields:
failed_login_count, last_login_date, last_ip
The "failed_login_count" field is reset to 0 every 15 minutes, but after 10 failed login attempts the account cannot be logged into until the count is reset again.
-
mflorell
- Site Admin
-
- Posts: 18339
- Joined: Wed Jun 07, 2006 2:45 pm
- Location: Florida
-
by carpenox » Fri Oct 01, 2021 6:33 am
Is there a ready made report for this?
Alma Linux 9.3 | SVN Version: 3822 | DB Schema Version: 1711 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3 | Discord: https://discord.gg/DVktk6smbh
-
carpenox
-
- Posts: 2250
- Joined: Wed Apr 08, 2020 2:02 am
- Location: St Petersburg, FL
-
by mflorell » Sat Oct 02, 2021 6:31 am
There is currently no report for this.
-
mflorell
- Site Admin
-
- Posts: 18339
- Joined: Wed Jun 07, 2006 2:45 pm
- Location: Florida
-
by striker » Sat Oct 02, 2021 12:04 pm
thanks @mflorell
i found the Admin failed login attempts response with 401 error code and getting logs in ssl_access_log with client ip.
but the api and agents gives 200 ok for failed attempts
and also i noticed the agent api response shows the sql query ,as show below is the normal ?
ERROR: Invalid Username/Password: |6666|1234|0|0|BAD|0|api|SELECT count(*) from vicidial_users where user='6666' and pass='1234' and user_level > 0 and active='Y' and ( (failed_login_count < 10) or (UNIX_TIMESTAMP(last_login_date) < 1633192948) );|
trunk version.
VERSION: 2.14-829a
BUILD: 210911-1958
www.striker24x7.com www.youtube.com/c/striker24x7 Telegram/skype id : striker24x7
-
striker
-
- Posts: 962
- Joined: Sun Jun 06, 2010 10:25 am
-
by mflorell » Sat Oct 02, 2021 2:20 pm
Yes, the admin.php script uses HTTP auth, while the APIs uses variables to do auth(and also allow non-auth responses) so this is working as intended.
-
mflorell
- Site Admin
-
- Posts: 18339
- Joined: Wed Jun 07, 2006 2:45 pm
- Location: Florida
-
Return to Support
Who is online
Users browsing this forum: Bing [Bot], Google [Bot] and 277 guests