Allow an admin to specify an IP address of interest in the Web UI to look up its BFP status and view a summary of its attempts history.
Details
An existing command (occ security:bruteforce:attempts) already provides this capability from the command-line. The same information should be available from the web UI (via the BFP settings app) for ease of day-to-day access by admins that prefer the Web UI (or that lack command-line access).
The operator will only need to specify the IP address of interest in order to query the details desired.
Implementation
No changes in the BFP implementation itself are required (i.e. this enhancement will not touch server). All changes will take place in the bruteforcesettings app itself.
Output of `occ security:bruteforce:attempts --help`
```
Description:
  lists bruteforce attempts for given IP address

Usage:
  security:bruteforce:attempts [options] [--] <ipaddress> [<action>]

Arguments:
  ipaddress  IP address for which the attempts are to be listed
  action     Only count attempts for the given action
```
Example current output from occ security:bruteforce:attempts <IP_address> includes:
How the output changes can be easily tested by entering an invalid password several times in a row and monitoring how the output changes. This same information should be presented in the web UI, albeit in a more "web UI appropriate" manner.
If needed for additional context, refer to the utilized public and private APIs.
Probably out of scope:
Looking up an IP range (i.e. subnet/CIDR block) rather than just a single IP address
Caveat: Though we do need to make sure we support IPv6 too, which is based on a /64 boundary
Out of scope:
Specifying actions: Since actions aren't generally documented they're unlikely to be known by non-developers. So there is no need to permit limiting queries by action in the Web UI at this time.
Summarizing attempts by time period (e.g. last 48h, last 24h, last 8h, last 30m)
Existing occ command (model)
The existing occ command is implemented in https://github.com/nextcloud/server/blob/master/core/Command/Security/BruteforceAttempts.php.
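The IPv6 caveat above, as an added example that is not part of the original issue or of Nextcloud's code: a sketch of how a Web UI lookup form could validate the entered address and reduce an IPv6 address to the /64 network the caveat names. The function names and the returned shape are hypothetical, and the per-/64 grouping is an assumption taken from that caveat.

```javascript
// Added example (not Nextcloud code). Assumption: IPv6 attempts are grouped per /64.

// Return the canonical dotted quad, or null if the string is not strict IPv4.
function parseIPv4(s) {
  const octets = s.split('.');
  if (octets.length !== 4) return null;
  const ok = octets.every((o) => /^\d{1,3}$/.test(o) && String(Number(o)) === o && Number(o) <= 255);
  return ok ? octets.join('.') : null;
}

// Expand an IPv6 literal into eight 16-bit groups, or null if malformed.
// Zone ids, CIDR suffixes and embedded-IPv4 forms are rejected in this sketch.
function parseIPv6(s) {
  const halves = s.split('::');
  if (halves.length > 2) return null;
  const compressed = halves.length === 2;
  const head = halves[0] ? halves[0].split(':') : [];
  const tail = compressed && halves[1] ? halves[1].split(':') : [];
  const missing = 8 - head.length - tail.length;
  if (compressed ? missing < 1 : missing !== 0) return null;
  const groups = [...head, ...Array(compressed ? missing : 0).fill('0'), ...tail];
  if (!groups.every((g) => /^[0-9a-fA-F]{1,4}$/.test(g))) return null;
  return groups.map((g) => parseInt(g, 16));
}

// Hypothetical helper for the lookup form: IPv4 is used as entered,
// IPv6 is reduced to its /64 network so any host in it gives the same key.
function bfpLookupKey(input) {
  const s = String(input).trim();
  const v4 = parseIPv4(s);
  if (v4) return { version: 4, key: v4 };
  const v6 = parseIPv6(s);
  if (!v6) return null;
  const prefix = v6.slice(0, 4).map((g) => g.toString(16)).join(':');
  return { version: 6, key: `${prefix}::/64` };
}

// Constructed sample input (documentation address ranges).
for (const ip of ['192.0.2.10', '2001:db8:0:1::a', '2001:db8:0:1:ffff::1', '2001:db8::/32']) {
  console.log(ip, '->', JSON.stringify(bfpLookupKey(ip)));
}
```

Rejecting a CIDR suffix keeps the form to single-address lookups, which matches the scope stated above.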