Home/ Questions/Q 646259
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T21:35:32+00:00

I’m trying to develop a module for Joomla 1.5 that identifies brute force login

  • 0

I’m trying to develop a module for Joomla 1.5 that identifies brute force login attacks and shuts them down.

I found a function called onLoginFailure() that gets called when a login attempt fails. From within that function, I’m trying to figure out which username was used for the login attempt. After 5 failed login attemps, I want to then prevent any more attempts by the user for an hour.

Is anyone familiar enough with Joomla to help me
1) access the username from within the onLoginFailure() scope
2) help me identify the best place for my code to prevent login attempts (redirect to a page that tells them they are banned for an hour).

The best existing module I’ve found is someone who did a 10 second delay between login attempts…

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I would create a component with an Authorization plugin (mainly a copy of joomla.php but adding these implementations).

    The component is responsible for creating all the logic behind your logins (persisting all login attempts from a user, configuration for redirects, etc) and your Authentication plugin for checking if everything is correct.

    Then you deactivate joomla.php and keep just your own authentication module.

    • 0