Built in protection against unauthorized user logins? -MTPBX

linuxbrekeket2 · Post by **linuxbrekeket2** » Thu May 09, 2013 7:20 am

1. Brekeke Product Name and Version: PBX MT build

2. Java version: build 1.7.0_21-b11

3. OS type and the version: 2.6.32-358.6.1.el6.x86_64 Centos6.4 64

4. UA (phone), gateway or other hardware/software involved:Some Yealinks a few Ciscos, the phones are not really hte problem

5. Your problem:

We are looking to open up the tenant login page on our public IP. My personal recommendation has been to then restrict access to this page via our firewall and only allow access from trusted IPs meaning customers of the service would need to supply static IPs.

however I have a customer who wants the ability to login from anywhere. With this in mind I would have to open up the tenant login page to the whole world. I dont really like this option

So my questions are.

- Is there any built in protection to the MT PBX login page to stop/restrict someone sitting there attempting to guess the password. I am thinking along the lines of after 10 failed logins block the IP?

Thank you

Me

hope · Post by **hope** » Thu May 09, 2013 9:50 am

Brekeke PBX already has the function to Block IP access after few login failed, maybe 8?

davi · Post by **davi** » Thu May 09, 2013 10:33 am

As Hope said, there is an automatic protection which blocks an IP address after few login failed.

Also, Brekeke has the web API which allows you to make own user-login page.
With this API, you can design and develop secure user-login page.
Let you contact Brekeke for more details.