Navigation

Pligg Support

Are websites that are powered by Pligg CMS 2.0.0 vulnerable to brute-force attack from login area? If not, give me enough details why they're not vulnerable. Or do I need a module for that?

Possible Answers

    Pligg CMS has a few different features to prevent brute-force attacks. The most powerful of which is a timeout that occurs when a wrong username and password combination is given. The timeout system starts with a 60 second wait before your next guess, and with each incorrect guess it gets significantly longer. I think the maximum timeout is something like 1 hour, but it could be as much as 24 hours. This system was put in place a while ago to specifically combat brute force login attempts and I don't think we even offer an option to turn it off because it is such a reasonable security service. I'm speaking from a memory of implementing this stuff a few years ago, so I may be missing a few details.

    | Posted 38 days ago | Permalink | Hide Replies

Who Upvoted this Story

Pligg.com's Support area is where you can ask questions and get answers. Just getting started with the Support area? This section describes tips for participating.

Submitting a Question or Comment

By taking a minute to research previous posts you may receive an answer much faster than waiting for a response to a new question. Begin by searching the support section for an answer. Sometimes you may even want to extend your search to the entire pligg.com domain.

If you are unable to find a relevant answer, submit a new question or comment here. Please provide a detailed description and, when necessary, debugging information such as your server environment (a link to a <?php phypinfo(); ?> .php page would be very helpful), your web browser, and any steps necessary to reproduce your issue.

Submitting an Answer

If you have an answer or useful response that you would like to add to a post, you can submit it as a comment which other users will then vote on. Answers are sorted by most popular to least, allowing the best information to climb to the top of the page.

Please read and vote for existing answers before submitting your own, as there may already be an acceptable answer provided. You can use the "Reply" link found within an answer to submit a response to it, in case you want to expand or comment on someone else's contribution.

Including Files or Code

Sometimes it is necessary for you to attach a file or include a snippet of code for others to reference in your response. In most cases, you can .zip up files and attach them to a question or answer using Pligg's file manager. At times though this may fail, and in these circumstances we recommend using a third party host. Below we are including a list of recommended websites where you can share easily share file uploads (or snippets of code) through the web.