Image rollovers in the header can lock you out of DA

dperren (Verified User, joined Jun 8, 2007, 28 messages)
Just had this happen to me - easy to reverse if you have shell access, but annoying nonetheless.

If your login session times out, and you then mouseover the images in the page header, then the browser attempts to load them with a blank username and password. This counts as a failed login attempt, resulting in your IP being added to the ip_blacklist file, meaning you can't log back in.

Thought this was a little bit strange, especially as there is some preloading javascript in place...
 
Sorry, but where does this happen? Does it happen in the DA interface or in general?

Which service adds your IP to the ip_blacklist?
 
From what I understand of his post, it happens anywhere inside of the control panel. Suppose you have your session timeout in the Administrative Settings set to, let's say, 10 minutes, and the page sits there idle for 11 minutes before you come back. If you mouse over the image button at the top, the rollover will request the new images from the server, but, because you aren't logged in, the server blacklists you for trying to get so many items while not logged in.
 
I would think that doing a roll over an image should only request one image, not all the images on a screen?

How does the server blacklist you then? Is it done by BFD or something else?
 
This has happened to me once or twice. For example, I leave my machine on overnight. So when I come in and check my tabs, if one of them is in DA, then the timeout has expired, I am actually logged out, and I will be blacklisted if I happen to roll over the images.

Personally I like that it does this, but upon the first request it should redirect you to the login page, not attempt to blacklist you.
 
It is basically the same as if you get your password wrong a few times and it locks you out, assuming that you are brute forcing the login. The problem is that each rollover of an image is counted as one of these "attacks", but you don't notice that when you are rolling over everything on your page wondering why you can get into the various areas.
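The two posts above describe the mechanism (an expired session, then each image request arriving with blank credentials is counted as a failed login) and the fix one poster suggests (redirect the first unauthenticated request to the login page instead of counting it). The following is an added simulation written for this thread, not DirectAdmin's code: it models a login server with a lockout counter and shows, with constructed requests, that counting credential-less requests locks out an idle legitimate user while counting only rejected credential submissions still stops repeated wrong passwords. The threshold, request shape and `count_blank_credentials` switch are assumptions for the illustration.

```python
"""
Added illustration (not DirectAdmin's code): a lockout counter that
treats every unauthenticated request as a failed login, beside one that
only counts requests where credentials were actually submitted and
rejected. All names, paths and thresholds here are made up.
"""
from dataclasses import dataclass, field

LOCKOUT_THRESHOLD = 5  # assumed: failures before an IP is blacklisted


@dataclass
class Request:
    client_ip: str
    path: str
    username: str = ""   # blank when the browser sends no credentials
    password: str = ""
    has_session: bool = False


@dataclass
class Server:
    valid_users: dict
    failures: dict = field(default_factory=dict)
    blacklist: set = field(default_factory=set)
    # True models the behaviour the thread describes; False models the
    # suggested fix (redirect instead of counting a blank request).
    count_blank_credentials: bool = True

    def _record_failure(self, ip: str) -> None:
        self.failures[ip] = self.failures.get(ip, 0) + 1
        if self.failures[ip] >= LOCKOUT_THRESHOLD:
            self.blacklist.add(ip)

    def handle(self, req: Request) -> str:
        if req.client_ip in self.blacklist:
            return "403 blacklisted"
        if req.has_session:
            return "200 " + req.path
        # No live session. Were credentials actually submitted?
        if req.username == "" and req.password == "":
            if self.count_blank_credentials:
                self._record_failure(req.client_ip)
                return "401 unauthorized"
            return "302 redirect to login"
        if self.valid_users.get(req.username) == req.password:
            self.failures.pop(req.client_ip, None)  # reset on success
            return "200 logged in"
        self._record_failure(req.client_ip)
        return "401 bad credentials"


def simulate_rollovers(count_blank: bool, n_images: int = 6) -> str:
    """Expired session, mouse over n header images, then a correct login."""
    srv = Server(valid_users={"admin": "s3cret"},
                 count_blank_credentials=count_blank)
    ip = "192.0.2.10"  # constructed documentation address
    for i in range(n_images):
        srv.handle(Request(ip, f"/images/header_{i}.gif"))
    return srv.handle(Request(ip, "/CMD_LOGIN", "admin", "s3cret"))


def simulate_password_guessing(n_guesses: int = 6) -> str:
    """With the fix enabled, wrong passwords are still counted and locked out."""
    srv = Server(valid_users={"admin": "s3cret"},
                 count_blank_credentials=False)
    ip = "192.0.2.20"  # constructed documentation address
    for i in range(n_guesses):
        srv.handle(Request(ip, "/CMD_LOGIN", "admin", f"wrong{i}"))
    return srv.handle(Request(ip, "/CMD_LOGIN", "admin", "s3cret"))


if __name__ == "__main__":
    print("blank requests counted:    ", simulate_rollovers(True))
    print("blank requests redirected: ", simulate_rollovers(False))
    print("repeated wrong passwords:  ", simulate_password_guessing())
```

The design point is that a lockout counter should key on a rejected credential submission, not on the mere absence of a session: a browser fetching rollover images after a timeout has submitted nothing to reject, so sending it to the login page loses no protection against repeated wrong passwords.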
 
Sorry for asking this again, but what adds your IP to the ip_blacklist?
 
I reckon it's the DirectAdmin service itself. See the 'Blacklist IPs for excessive login attempts' option in the 'Administrator Settings' part of the Admin Panel.
The IP is added to /usr/local/directadmin/data/admin/ip_blacklist.
 