Failed login notifications

Getting e-mail notifications of failed login attempts will not by any means protect you from hackers.
It will however alert you if you are being targeted by a brute-force attack and should that ever be the case, cmsms allows you to simply move your admin directory and get it over with... :)

First, install the "Notifications" module.

Navigate to Extensions >> Notifications</>

Add an item:
- Name: Failed login attempt
- Events: select "Core.LoginFailed" from the list
- Subject: Failed login attempt on yourdomain.com
- From address: no-reply@yourdomain.com
- To address: your@mail.com
- Message in HTML format:

<p>Failed login attempt at <a href="{$env.HTTP_REFERER}">{$env.HTTP_REFERER}</a></p>
<ul>
<li>username: <b>{$post.username}</b></li> <li>password: <b>{$post.password}</b></li> <li>IP: <b>{$ip}</b></li> <li>Browser language: <b>{$env.HTTP_ACCEPT_LANGUAGE|substr:0:2}</b></li> </ul> <br> <br> <br> <small><p><b>Full "$_ENV"</b> {$env|@debug_print_var:0:400}</p></small>

Click on the advanced tab and paste the code below:

$smarty = cmsms()->GetSmarty();

$post = $_POST;
$env = $_ENV;   if (isset($_SERVER['HTTP_CLIENT_IP'])) {    $ip = stripslashes($_SERVER['HTTP_CLIENT_IP'])   } else {    if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {      $ip = stripslashes($_SERVER['HTTP_X_FORWARDED_FOR']);    } else {      $ip = stripslashes($_SERVER['REMOTE_ADDR']);    }   } $smarty->assign('post', $post); $smarty->assign('env', $env); $smarty->assign('ip', $ip);

Click Submit and you are set :)

Comments