Try Now
More in this section

Forums / General Discussions / Block IP address on exceeding backend login attemps

Block IP address on exceeding backend login attemps

2 posts, 0 answered
  1. waqar
    waqar avatar
    76 posts
    28 Mar 2011
    27 Mar 2015
    Link to this post

    In security implementation perspective we need to secure Sitefinity backend which requires following implementation.

    • Place a restrictions to block each IP which exceed the number of login from 3-5.
    • Need to check if the user is already logged in and from which IP they are accessing the logged in section. If  the same IP is accessing the Login form for 5 user then it should block any other user from the same IP to login to coordinator section.


    Seems some custom provider implementation is required. but not sure how.



  2. Laurent Poulain
    Laurent Poulain avatar
    17 posts
    28 Oct 2016
    01 Apr 2015
    Link to this post

    You can find information about building a custom provider on http://docs.sitefinity.com/tutorial-create-a-custom-membership-provider

    Now, be aware that filtering by IP address is not always a foolproof way to blacklist a potential attacker depending of your network topology. In particular, an attacker could use the same external IP address as other legitimate users (if accessing your website from the same external company, same public wifi, etc.)

    Sitefinity Laurent
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
2 posts, 0 answered