Roundcube/Plugin/rcguard
rcguard
This plugin logs failed login attempts and requires users to go through a reCAPTCHA verification process when the number of failed attempts go too high. This provides protection against automated attacks.
- Installed via
composer
dsoares/rcguard- Plugin name: rcguard
mv config.inc.php.dist config.inc.php You have to obtain a key from http://www.google.com/recaptcha. Put the key in your config file: > nano config.inc.php
// Public key for reCAPTCHA $config['recaptcha_publickey'] = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
// Private key for reCAPTCHA $config['recaptcha_privatekey'] = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; Create the mysql table where to store the logs of all failed attempts. IPs are released after a certain amount of time. > mysql -u root -p mysql> use roundcube;
CREATE TABLE `rcguard` ( `ip` VARCHAR(40) NOT NULL, `first` DATETIME NOT NULL, `last` DATETIME NOT NULL, `hits` INT(10) NOT NULL, PRIMARY KEY (`ip`), INDEX `last_index` (`last`), INDEX `hits_index` (`hits`) ) ENGINE = InnoDB CHARACTER SET utf8 COLLATE utf8_general_ci;
quit; That's it. The captha will be active after 5 failures. You can set this number in the config file.
Different themes and translations of recaptcha are available. Simply edit
rcguard.js
. For documentation, see: https://developers.google.com/recaptcha