How to unlock admin-user after 5 wrong login attempts

I just installed Zammad and ask myself how to prevent against hackers/attackers.

For example:
If a user forgot his password after 5 attempts the user has been blocked and as an admin, we can unlock the user. But what if there is just one admin user and the attacker/hacker enters my admin username 5 times wrong, then my admin account has been blocked. How can I enter the system now? Is there also a way to block the IP of the attacker (fail2ban).

You can unlock user accounts via the console.

3 Likes

Thx, for the solution. Is there also a way to block the end-user by his IP address as we can do with fail2ban. Would be nice if there is a prebuild filter script that we can use inside fail2ban.

The search function will answer your question:
https://community.zammad.org/search?q=fail2ban