Kryptronic Software Support Forum

You are viewing this forum as a guest. Login to an existing account, or create a new account, to reply to topics and to create new topics.

#1 04-30-2024 11:48:43

KryptSupport
Member
Registered: 04-29-2024
Posts: 77

Unauthorized Login Attempts to Website Account

NOTE: This post was created on 2024-02-13 on the Kryptronic eCommerce Community facebook page, which has been replaced with this forum.  All facebook support content was migrated into this forum in April 2024.

Rob:

Hi Nick
Something or someone keeps trying to log into my account on website. I know this because I get the Account Locked email which prevents it happening, so technically all is good and working. However, it's annoying as I get locked out of account for 15 minutes unless I manually change core_users table.
On main site, if someone attempts to log in and account is locked, I get an email that includes the IP address of the person that tried to log in. I can then ban them or the country as it is the usual suspects.
However, if someone tries to login on a multisite domain, the account locked email details the IP address of the host when the multisite domain is hosted, not the person who attempted to log in. I have also noted the IP address stored in the order table for any orders placed on a multisite also shows the IP address when the multisite domain name is hosted.
Do you know if there is any way I can get the correct IP address I need?

Kryptronic:

Hi, Rob. We noticed this and found it annoying as well, so we added functionality to the MultiSite startup function which recognizes and does the right thing with the HTTP_X_FORWARDED_FOR header, if present. When using an Apache-based mirror (like we do for MultiSites), that header should be set. This was added in release 9.3.

The startup file is {private}/core/CORE/startup/0210_multisite.php. I checked your licenses and you have a 9.3 installed, but are at 9.2 on others. So grab that file from your 9.3 install and drop it into the 9.2 installs in the same spot. I've checked and it's safe to just replace them. The only difference is with the functionality referenced here.

Rob:

Thanks Nick. I have updated the file.

Offline

 

Board footer