How to unlock admin-user after 5 wrong login attempts

scs · June 9, 2022, 7:32pm

I just installed Zammad and ask myself how to prevent against hackers/attackers.

For example:
If a user forgot his password after 5 attempts the user has been blocked and as an admin, we can unlock the user. But what if there is just one admin user and the attacker/hacker enters my admin username 5 times wrong, then my admin account has been blocked. How can I enter the system now? Is there also a way to block the IP of the attacker (fail2ban).

dvanzuijlekom · June 9, 2022, 8:28pm

You can unlock user accounts via the console.

scs · June 13, 2022, 4:59pm

Thx, for the solution. Is there also a way to block the end-user by his IP address as we can do with fail2ban. Would be nice if there is a prebuild filter script that we can use inside fail2ban.

MrGeneration · June 13, 2022, 5:20pm

The search function will answer your question:
https://community.zammad.org/search?q=fail2ban

system · July 31, 2023, 11:33am

This topic was automatically closed after 416 days. New replies are no longer allowed.