Quick question, does SuiteCRM have any kind of brute force protection on login, to limit login attempts, etc?
If not, what are the options to set up something like limit login attempts?
I am going to implement this in the near future.
I thought to create a login_failed hook that after 5 attempts adds a restriction in the .htaccess file about the ip that tries to login.
1 Like
Not available yet. Feature is already implemented but not merged in production version.
See PR: Add User lockout and user unlock options https://github.com/salesagility/SuiteCRM/pull/2897
1 Like
Cool! Thanks for the info. Fingers crossed for the production version!
Actually that doesn’t seem to be going anywhere and I would really recommend this simple immediate solution:
Apply this fix manually (one line):
https://github.com/salesagility/SuiteCRM/pull/3291/files
Use Fail2Ban to follow the suitecrm.log and do the work for you. Why reinvent the wheel? 
Hey, this is perfect! Using the tools that available already.
I have problems specifying the filter (i.e.: filter.d/suitecrm.conf ), can you help out here:
[Definition]
failregex = [[]client <HOST>[]] PHP Notice: FAILED LOGIN:attempts.*
ignoreregex =If you have a recent SuiteCRM this should be included in the code, please check it is there:
https://github.com/salesagility/SuiteCRM/pull/4190/commits/883526ce3b43cec92e009cbe5d4766a77e673aa5
Then the messages on your log should look like that, not like the “Notice” message you’re trying to catch.
To get your regexp right I recommend this brilliant website:
Just put the log message there as a test string and work on your regexp at the top.
Hey, thank you for the reply!
I did and found a solution for the regex entry, but f2b wount act to ban the IP!
Then I tryed #10066, but it doesn´t work either.
Seens to be a dead end road for me here … Thx.