Topic: Too many login attempts, try again in 15 minutes: |6666|LOCK|
Issue:
While logging into the Vicidial admin portal, you may notice one of the alerts below:
Too many login attempts, try again in 15 minutes: |6666|LOCK|
Too many login attempts, try again in 15 minutes: |admin|LOCK|
Too many login attempts, try again in 15 minutes: |xyzuser|LOCK|
Cause:
1. Vicidial brute-force protection
By default the Vicidial source code ships with brute-force protection enabled, which locks the user ID once 10 failed login attempts are detected; the counter is reset every 15 minutes.
2. Brute-force attack
Due to recent brute-force attacks on Vicidial servers using the user IDs 6666 or admin, you may notice the above alerts,
or other users may have entered wrong credentials more than 10 times.
Workaround:
Temporary workaround
You can unlock the affected users by either of the following methods.
1. By running the MySQL command below, which unlocks the particular user:
For user 6666:
mysql -e "use asterisk; update vicidial_users set failed_login_count='0' where user='6666';"
For user admin:
mysql -e "use asterisk; update vicidial_users set failed_login_count='0' where user='admin';"
Note: just replace the value of user= with the user ID which is LOCKED.
If the above command fails, run the following commands in the MySQL CLI:
mysql -p
use asterisk
update vicidial_users set failed_login_count='0' where user='6666';
Note: for ViciBox users there is no password, or use the default MySQL credentials: mysql -ucron -p1234
2. If you have other admin credentials which are not locked, access the Vicidial admin portal in another browser and log in with those credentials. Then modify the affected user and just press Submit, which will unlock that user.
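The unlock step above splices the user ID straight into a SQL string and passes the MySQL password on the command line. The helper below is an added example (not from the original post or the Vicidial project) that validates the user ID before it is embedded in the query, reads credentials from the client's option file instead of -p1234, and can also list users currently at or above the lock threshold. It assumes the table asterisk.vicidial_users with the columns user and failed_login_count named on this page, and the threshold of 10 attempts.

```shell
#!/bin/sh
# Added example: safer wrapper around the Vicidial unlock step.
# Assumptions: database "asterisk", table vicidial_users with columns
# "user" and "failed_login_count"; lock threshold 10 (from the page).
DB_NAME="${VICIDIAL_DB:-asterisk}"
LOCK_THRESHOLD=10

# Accept only characters a Vicidial user ID is expected to contain, so a
# crafted ID cannot change the meaning of the query (adjust the set if your
# site uses other characters). Returns 0 if valid, 1 otherwise.
valid_user_id() {
    case "$1" in
        "") return 1 ;;
        *[!A-Za-z0-9_]*) return 1 ;;
        *) return 0 ;;
    esac
}

# SQL that lists every user whose failed counter has reached the threshold.
list_locked_sql() {
    printf "SELECT user, failed_login_count FROM vicidial_users WHERE failed_login_count >= %d;\n" "$LOCK_THRESHOLD"
}

# SQL that resets the failed counter for one user; refuses unsafe IDs.
unlock_sql() {
    valid_user_id "$1" || { echo "refusing unsafe user id: $1" >&2; return 1; }
    printf "UPDATE vicidial_users SET failed_login_count='0' WHERE user='%s';\n" "$1"
}

# Run a statement through the mysql client. User and password are taken
# from the [client] section of ~/.my.cnf (or /etc/my.cnf), so the password
# never shows up in the process list the way -p1234 does.
run_sql() {
    mysql --database="$DB_NAME" -e "$1"
}

# Usage: sh unlock.sh list        (show locked users)
#        sh unlock.sh unlock 6666 (reset the counter for user 6666)
case "${1:-}" in
    list)   run_sql "$(list_locked_sql)" ;;
    unlock) sql=$(unlock_sql "${2:-}") && run_sql "$sql" ;;
esac
```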
Permanent workarounds:
Restrict Vicidial portal access by any of the methods mentioned below.
1. Use the ViciBox firewall, that is, the Dynamic Portal.
Using the Dynamic Portal (ViciBox firewall), you can restrict Vicidial admin/agent portal access to the IPs that are whitelisted via the Dynamic Portal.
Refer to this link (Vicibox Firewall) to configure the ViciBox firewall.
2. Vicidial Allow IP Lists feature.
Using the Allow IP Lists feature, you can restrict admin/agent/API access to the IPs whitelisted by the admin, per user group.
Steps to enable the Allow IP List and restrict access to the whitelist per user group:
Enabling Allow IP List
Navigate: ADMIN > SYSTEM SETTINGS > Allow IP List: 1
Adding the IPs to the whitelist
Navigate: ADMIN > IP Lists
Select: ViciWhite IP List, activate it by setting it to YES, then add the IPs which need access (that is, the list of whitelisted IPs).
Enabling the IP whitelist in User Groups
Navigate to the respective user group and click Modify:
User Groups > ADMIN > Modify and enable the options below
Admin IP Whitelist : ViciWhite
Agent IP Whitelist : ViciWhite
API IP Whitelist : ViciWhite
3. Change the default web directory path of the Vicidial portals.
The default path to access Vicidial is https://serverip/vicidial/admin.php and, for agents, /agc/vicidial.php;
this is a well-known path.
Change this default path to some other path, such as https://serverip/xkskiiiww/vicidial/admin.php,
so that only users who know this path can access it.
Refer to this link to change the path.
4. Restrict web access to the FQDN only, instead of direct IP access.
Since attackers try to access your server by its IP rather than by its FQDN (unless they know the FQDN),
you can restrict web access to the FQDN only. Check out the workaround provided in this Vicidial forum link.
5. Necessary security measures to protect Vicidial servers.
There are many loopholes in Vicidial through which a server can get hacked.
Check out this link: Vicidial security/hardening
Conclusion:
The failed-attempt trigger is defined in functions.php under the Vicidial web folder
(cd /srv/www/htdocs/vicidial or cd /var/www/html/vicidial/):
$LOCK_over = ($STARTtime - 900); # failed login lockout time is 15 minutes(900 seconds)
$LOCK_trigger_attempts = 10;
Restrict server access to known IPs only,
use strong passwords, not ones like P@ssw0rd, 1234, pass1234, etc.,
and don't use default credentials like 6666, admin, bob, etc.
Refer to this link for Vicidial security options.
For support, reach out on Skype: striker24x7