diem-project / diem

Diem CMF CMS for symfony 1.4
http://diem-project.org/
MIT License

5.4 security #423

Closed roozbeh360 closed 10 years ago

roozbeh360 commented 12 years ago

Robot disability in brute-force and dictionary attacks added!

TheCelavi commented 11 years ago

Ok, help me here: this protection from brute-force and dictionary attacks, to dismiss or to merge?

roozbeh360 commented 11 years ago

It will help escape up to 3 (1-2, maybe 3) class brute-force attacks! I suggest testing it. Merge to branch.

TheCelavi commented 11 years ago

Ok dude, sorry for not answering for so long. One issue with your code: it is a mess, you have to format it according to the symfony 1.4 coding standards, like this:

if ($request->getReferer() != '')
{
  if (!strpos($request->getReferer(), $request->getHost(), 0) > -1)
  {
    $this->getResponse()->setStatusCode(403);
    return;
  }
  else
  {
    $this->getResponse()->setStatusCode(403);
    return;
  }
}

You are probably an experienced developer so I do not have to explain why this is important... Please fix it. I will merge it and close this issue.

Thanks!

roozbeh360 commented 11 years ago

Unfortunately I made the changes 4 months ago and I don't have my original repository. But I have opened a new pull request, and again unfortunately I am using the Windows version of git, which looks like it has its own issues too. The new pull has many changes but only a few additions are real. This pull can be dismissed.

roozbeh360 commented 11 years ago

Finally done! ;)

TheCelavi commented 11 years ago

I have tried this and it does not allow me to log in???

roozbeh360 commented 11 years ago

Did you use the new commit or the one you have written above? Yours won't work.

Mine is:

if ($request->getReferer() != '')
{
  // referer present: reject it unless it contains this host
  if (!strpos($request->getReferer(), $request->getHost(), 0) > -1)
  {
    $this->getResponse()->setStatusCode(403);
    return;
  }
}
else
{
  // no referer at all: reject
  $this->getResponse()->setStatusCode(403);
  return;
}

I have used it several times so far!
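The check the thread is going back and forth on is "the login request must come from a referer on this host, otherwise 403". Below is an added example, written for this page and not code from the Diem pull request or from symfony, that isolates that rule into a plain function so it can be run with `php` outside the framework and checked against a few constructed inputs. The function name `refererMatchesHost`, the parameter names and the sample hosts are this example's own. It compares the host component of the referer URL rather than searching for the host as a substring, since a substring search also matches a host name that merely appears in another site's query string or a longer domain. Note that `Referer` is set by the client, so a check like this limits cross-site form posts but is not a rate limit or lockout; those remain separate controls.

```php
<?php
// Added example, not code from the Diem PR. It is a hypothetical helper
// that expresses the "referer must belong to this host" rule from the
// discussion as a stand-alone function runnable with plain PHP.

function refererMatchesHost(string $referer, string $expectedHost): bool
{
    // The PR lets a request with no referer through; mirror that so the
    // behaviour matches the version discussed in the thread.
    if ($referer === '') {
        return true;
    }

    // Compare the host *component* of the URL, not a substring of the whole
    // string: a substring check would also accept a referer such as
    // "http://other.example/?u=diem-project.org".
    $host = parse_url($referer, PHP_URL_HOST);
    if ($host === null || $host === false) {
        return false; // no host component, or malformed URL
    }

    // Host names are case-insensitive, and the framework's host value may
    // carry a port, so strip a trailing ":port" before comparing.
    $expected = strtolower(preg_replace('/:\d+$/', '', $expectedHost));

    return strtolower($host) === $expected;
}

// Constructed sample inputs for a quick self-check: [referer, host, expected].
$cases = [
    ['',                                         'diem-project.org',      true],
    ['http://diem-project.org/admin/login',      'diem-project.org',      true],
    ['https://DIEM-PROJECT.ORG/x',               'diem-project.org:8080', true],
    ['http://other.example/?u=diem-project.org', 'diem-project.org',      false],
    ['http://diem-project.org.other.example/',   'diem-project.org',      false],
    ['not a url',                                'diem-project.org',      false],
];

foreach ($cases as [$referer, $host, $expected]) {
    $result = refererMatchesHost($referer, $host);
    printf("%-45s %s\n", var_export($referer, true), $result === $expected ? 'ok' : 'MISMATCH');
}
```

Inside a symfony 1.4 action the call would be `refererMatchesHost($request->getReferer(), $request->getHost())`, with the action setting status 403 and returning when it is false, which is the shape of the code quoted above; the helper only moves the comparison out of the action so it can be exercised on its own.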

TheCelavi commented 11 years ago

Ok, fine, my typo error... THX!

TheCelavi commented 11 years ago

Shit, I cannot merge this.... Help?