Roundcube Community Forum

 

[0.5.2] hmail_autoban plugin help

Started by jeffshead, May 11, 2011, 01:19:14 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

jeffshead

May 11, 2011, 01:19:14 AM
I don't understand why 127.0.0.1 is the address that always gets added to the autoban list regardless of the user's public IP address.

This means that if a bot or a malicious user tries to access a legitimate user's account, it will also ban the real account owner if he/she tries to login.

I thought only the public IP address of the user (failed attempts) would be banned but it's always 127.0.0.1 which blocks anyone from accessing the account.

Is there a way to just block the failed attempt user's IP address or an octet range?

What am I not understanding?

To me, it does not make sense to block account access from all IP addresses.

rosali

#1
May 11, 2011, 02:55:37 AM Last Edit: May 11, 2011, 03:00:32 AM by rosali
Read that and configure hMailserver IP ranges accordingly:

Auto-ban

hMailserver can't not know the IP address of the user connecting to the webmail,
because there is no direct connection.

The IP for connections from Webmail to hMailserver is always the Server IP.

EDIT: You may want to give 'crawler' and 'dnsbl' plugins in addition to hmail_autoban a shot.
Regards,
Rosali

jeffshead

#2
May 12, 2011, 03:01:05 AM
OK. Now it makes sense. Thanks:)

eveninggowns

#3
May 12, 2011, 11:10:14 PM
Get ideas and information on various styles and fashions of
Evening Dresses
Formal Dresses[/url
Print
Go Up Pages1
User actions