Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
CAPTHCA/additional table field/allowed ip’s – not propose.
I think best option is: keep login attempts in server cache.
If you can propound other options or cut up option with cache, you are welcome.
Typically I would use the INTERNAL_IPS setting, and make a middleware that blocks access to /admin/ if you’re not part of INTERNAL_IPS
Another option is to play with https://github.com/dmpayton/django-admin-honeypot — you could potentially write a cron job that blocks these IPs via iptables or something.