1. Go to this page and download the library: Download egcservices/rbruteforce2 library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
class UsersController extends AppController {
public $components = ['RBruteForce.RBruteForce'];
public $_options;
public $_ipsAllowed;
public function initialize()
{
parent::initialize(); // TODO: Change the autogenerated stub
$this->_options = [
'maxAttempts' => 4, //max failed attempts before banning
'expire' => "10 minutes", //expiration time
'dataLog' => true, //log the user submitted data
'urlToRedirect' => '/users/reportBruteForce' //url to redirect if failed.
];
$this->_ipsAllowed = ['127.0.0.1', '172.68.26.185', '191.179.112.160'];
}
public function login()
{
if ($this->request->is('post')) {
$myIp = $_SERVER['REMOTE_ADDR'];
if (!$this->RBruteForce->isIpBanned($this->_options) || in_array($myIp, $this->_ipsAllowed)) {
$user = $this->Auth->identify();
if ($user) {
$this->Auth->setUser($user);
return $this->redirect($this->Auth->redirectUrl());
}
$this->RBruteForce->check($this->_options); //unsuccessful logins will be checked
$this->Flash->error(__('Invalid username or password, try again'));
} else {
$this->Flash->error(__("Please, wait {$this->_options['expire']} to try login again!'));
}
} else {
if ($this->RBruteForce->isIpBanned($this->_options)) {
$this->Flash->error(__("Please, wait {$this->_options['expire']} to try login again!'));
}
}
}
$options = [
'maxAttempts' => 4, //max failed attempts before banning
'expire' => '3 minutes', //expiration time
'dataLog' => false, //log the user submitted data
'attemptLog' => 'beforeBan', //all|beforeBan
'checkUrl' => true, //check url or not
'cleanupAttempts' => 1000, //delete all old entries from attempts database if there are more rows that this
'urlToRedirect' => '/r_brute_force/Rbruteforces/failed' //url to redirect if failed.
];
$this->RBruteForce->check($options);