Block users


#1

Hi is there any way to block brute-force attacks to administration?
I try to protect with .htaccess, but, in that case, on page what I monitoring, get, popup window (of piwik administration) to enter username and pass to enter page?

Is there any solution?
Yesterday my provider send me message that whole morning few machines try to enter my administration. He blocked them with firewall, but, is there any way to solve that by my self.

Best regards


#2

htaccess will allow you to block specific IPs or IP ranges as well as you can even block based on type of get request made to your server.

Look at your error logs and that will give you some info on method best suited to block. I recommend by IP and ranges, most often times its from china and russia such admin hijacking attempts occur from.

good luck


#3

I have in mind to protect /admin/ Url With A .htaccess Password?


#4

see this link for more info

http://forum.piwik.org/read.php?6,17251

regards