| Author |
|
denis
Newbie
Joined: 15 June 2015
Location: Italy
Online Status: Offline
Posts: 16
|
| Posted: 22 June 2015 at 3:08pm | IP Logged
|
|
|
I've found this usefull script that logs failed logins, a log that could be used to add a further security level
I took inspiration from it to create a simple plugin that does exactly the same job for php webmail pro
There is just one problem, I have had to modify the core file:
<afterlogic-root>/libraries/ProjectSeven/Actions.php
adding an Hook at line 2653
\CApi::Plugin()->RunHook('webmail.login.failed', array($sEmail));
I just like to ask the admin if it's possible to add this hook to the future version of the webmail (obviously if it could be usefull :) )
Thanks
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 22 June 2015 at 3:33pm | IP Logged
|
|
|
I'll need to check this with the developers. Thank you.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 26 June 2015 at 6:43am | IP Logged
|
|
|
Developers confirmed they have added the hook, though it's added in a bit different location, and the code looks like this:
Code:
| \CApi::Plugin()->RunHook('api-integrator-login-authentication-error', array($sEmail)); |
|
|
The hook will be available in 7.6 release expected shortly.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
denis
Newbie
Joined: 15 June 2015
Location: Italy
Online Status: Offline
Posts: 16
|
| Posted: 30 June 2015 at 2:50am | IP Logged
|
|
|
Great!
Can you tell me in which location it has been added
thanks
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 30 June 2015 at 5:11am | IP Logged
|
|
|
Sure, it's libraries/afterlogic/common/managers/integrator/manager.php file, in the following function:
Code:
| public function loginToAccount($sEmail, $sIncPassword, $sIncLogin = '', $sLanguage = '') |
|
|
and the code there is:
Code:
else if ($sIncPassword !== $oAccount->IncomingMailPassword)
{
\CApi::Plugin()->RunHook('api-integrator-login-authentication-error', array($sEmail));
throw new CApiManagerException(Errs::Mail_AccountAuthentication);
} |
|
|
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
denis
Newbie
Joined: 15 June 2015
Location: Italy
Online Status: Offline
Posts: 16
|
| Posted: 30 June 2015 at 5:38am | IP Logged
|
|
|
I tried to put the code there but it doesn't work
if ($oAccount->Domain->AllowWebMail)
{
----->> the execution passes here
...
}
else if ($sIncPassword !== $oAccount->IncomingMailPassword)
{
----->> NOT HERE
throw new CApiManagerException(Errs::Mail_AccountAuthentication);
}
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 30 June 2015 at 6:45am | IP Logged
|
|
|
Sorry, looks like there was incomplete code provided. Below please find the proper one.
Code:
if ($oAccount->Domain->AllowWebMail && $oAccount->AllowMail)
{
if ($sIncPassword !== $oAccount->IncomingMailPassword)
{
$oAccount->IncomingMailPassword = $sIncPassword;
}
$oApiMailManager = CApi::Manager('mail');
try
{
$oApiMailManager->validateAccountConnection($oAccount);
}
catch (Exception $oException)
{
\CApi::Plugin()->RunHook('api-integrator-login-authentication-error', array($sEmail));
throw $oException;
}
}
else if ($sIncPassword !== $oAccount->IncomingMailPassword)
{
\CApi::Plugin()->RunHook('api-integrator-login-authentication-error', array($sEmail));
throw new CApiManagerException(Errs::Mail_AccountAuthentication);
} |
|
|
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
denis
Newbie
Joined: 15 June 2015
Location: Italy
Online Status: Offline
Posts: 16
|
| Posted: 30 June 2015 at 8:17am | IP Logged
|
|
|
no, problem :)
now it works
|
| Back to Top |
|
| |
MailBee.NET Objects 
MailBee.NET Queue 
MailBee Objects 
WebMail Pro PHP 
AfterLogic Aurora 
MailSuite Pro for Linux 
Unified Messaging Solution 
Search
Register
Login
Topic: login failed and fail2ban
Privacy policy |
Refund policy