Jump to content

Authentication blocked for 10 minutes for security reasons.


Guest Steve.Thompson

Recommended Posts

Guest Steve.Thompson

Hi All.

I'm running CC 4.2.3

One of my customers is receiving this error message when trying to log in:

"Authentication blocked for 10 minutes for security reasons."

This message has lasted for days so far, not 10 minutes. He has requested password reset but still receives this message. I have reset his password from the Admin menu but he still receives this error.

Any suggestions please, apart from deleting the account and starting over?

Thanks, Steve.

Link to comment
Share on other sites

Guest Steve.Thompson

Has he tried clearing his browser cache? Clearing cookies? Using a different browser?

Yes, yes and yes.

This problem cleared after about 4 or 5 days, was ok for a few days, now it's happening again.

Does anyone have any other suggestions.

Thanks, Steve.

Link to comment
Share on other sites

Find ini.inc.php in your Cubecart root folder and changue the next settings near line 35 to allow a less restrictive ip blockings:

## Brute Force Protection

$ini['bfattempts'] = [b]15[/b]; ## Allowed number of login attempts

$ini['bftime'] = [b]180[/b]; ## Number of seconds to prevent login for

15 attempts and 180 seconds are the settings I setup for my store, just copied and pasted.

I hope that it works for you!

Link to comment
Share on other sites

  • 3 weeks later...
  • 1 month later...
Guest Alex Rodriguez

I have tried this modification on my installation and the site is still not letting me login to my test account. When I tried after the change in the PHP code, the message read "Authentication blocked for 3 minutes for security reasons." so the site detected the change from 600 seconds to 180 seconds but I still can't login. I'm using "force SSL" on my site.

Find ini.inc.php in your Cubecart root folder and changue the next settings near line 35 to allow a less restrictive ip blockings:

## Brute Force Protection

$ini['bfattempts'] = [b]15[/b]; ## Allowed number of login attempts

$ini['bftime'] = [b]180[/b]; ## Number of seconds to prevent login for

15 attempts and 180 seconds are the settings I setup for my store, just copied and pasted.

I hope that it works for you!

Link to comment
Share on other sites

Guest RenateH

I have it too but only on IE7. Firefox and IE6 work. I can't sign in at all in IE7. Oddly, I also have a customer complaining that IE7 is acting very peculiar - won't let her add products, sometimes won't let her even see any products, won't let her check out. I've had to process her order manually after a week of trying to get it to work

Link to comment
Share on other sites

  • 2 months later...

I am currently having this problem with a customer not being able to log in. I tried the fix as above, but it is only changing the amount of time she has to wait. She only just put in an order without problem over the weekend, but now she wants to log in to view the status of her order but it's not letting her.

What is actually causing the problem? a cookie? the store? her browser?

Would changing the time between logins to zero help anything?

I LOVE cubecart, but sometimes these little issues really bug the heck out of me. :wacko:

Link to comment
Share on other sites

Guest Simon Dolenec

what the heck ARE YOU DOING?

I used I fraking day to compare files and to renew my store from 4.2.3 to 4.3.1 - I have heavly modified store and then... account disabled for 10 minutes... no matter what I do with ini.inc.php...

BACK TO 4.2.3

everything what I know is that you take my precious time for what, NOTHING...

fix THIS!!!

why should I try to lock some potential customer??? that is insaine.. + when I succesfully loged in it logged me out when I click on shopping cart...

+ I can't call 4000 customers to clear browser cache... some customers even don't know what is that... be serious...

Link to comment
Share on other sites

  • 5 months later...

Is this issue still happening to some? I just re-reinstalled the latest version a couple weeks ago, and this problam is affecting many existing customers. They get pretty frustrated, and I have no answer for them. Have spent many hours at work fruitlessly sorting through and trying to adjust sessions-related files.

Link to comment
Share on other sites

  • 2 months later...
  • 1 month later...
Guest Chelsey

I had the same problem and changed the settings in the ini.inc.php to

## Brute Force Protection

$ini['bfattempts'] 	= 	155;						## Allowed number of login attempts

$ini['bftime'] 		= 	0; 					## Number of seconds to prevent login for

Now the problem is solved.... :)

perfect, solved for me thanks! :)

Link to comment
Share on other sites

Guest Roger Huston

Remember, changing these settings allows hackers to use scripts to try and brute force their way into your site. Perhaps people were getting these errors they were being attacked by a brute force attack?

- Roger

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...