Welcome Guest. Please Login or Register  
Client Area  |  Softaculous Cloud  |  Calendar  |  Quick Links  |  
   


You are here: Index > Webuzo > Suggestions > Topic : Security on Webuzo Log In to Increase



Normal Mode | Print  

Security on Webuzo Log In to Increase
Guest
April 14, 2016, 11:21 am | Post: 1
Group: Guest
Status:
Maybe for Two factor authentication can be just an email with a link for direct access to the control panel.

So user need to put username and password into webuzo and if is the first time they connect from that an email is sent to the user for allow the log in.

But maybe here there are another problem in this case, Webuzo email are not always delivered if they looks like SPAM... so don't know maybe is better a system like Google Authenticator or just the possibility to ban an IP only in the webuzo admin access area and not to all website of the server.. should be more option under ban IP.

Should be a possibility to add custom message for single IP BAN or multipe range IP BAN, should be added if ban an IP from the full server or just in one website or Webuzo log in area.

Should be added a possibility to receive an email notification when an admin logged in.

Just suggestions for security.
What happen if, as in my case, I ban an hacker IP and this is redirected to webuzo default page where Hacker can now know user are with Webuzo control panel and also know where the log in form is because is showed in that page how to log in in the admin panel.

That Hacker from scanning in the wordpress website and try to do bad action... now as is Banned see the Webuzo Default page who tell also how to access where access in the Webuzo admin area.

Sure Hacker don't have the password but can set a robot for try all username an password (Brute force log in) ... So user will not know there are robot who try day and night to guess password.

How Webuzo manage this case? With and what security control are done? :)
Also if Hacker is able to log in no email notification is send so Hacker can do what it want.

Tomorrow if notification will be added... If I can log in in the admin Webuzo panel and want expire all session of admin connected (Hacker) if just change password Hacker from another PC will be logged out or can continue to do dangerous actions?

This is security :)
IP: --   


Threads
 Guest   Security on Webuzo Log In to Increase (9 Replies, Read 12915 times)
    |--  Guest   Maybe for Two...   on April 14, 2016, 11:21 am
    |--  webuzo_manager   Hi peopleinsideit ,...   on April 25, 2016, 5:44 am
    |--  Guest   You can set...   on April 25, 2016, 8:30 am
    |--  webuzo_manager   Hi peopleinside, Also...   on April 25, 2016, 10:22 am
    |--  Guest   Thanks, as for...   on April 25, 2016, 3:50 pm
    |--  fintec-mgmt   Webuzo wont even...   on May 5, 2016, 11:46 am
    |--  webuzo_manager   Hi fintec-mgmt, Webuzo...   on May 31, 2016, 6:47 am
    |--  Guest   Hi fintec-mgmt, Webuzo...   on May 31, 2016, 7:22 am
    |--  Guest   I noticed special...   on May 31, 2016, 7:37 am

« Previous    Next »

Normal Mode | Print  



Users viewing this topic
1 guests, 0 users.


All times are GMT. The time now is April 30, 2025, 7:48 pm.

  Powered By AEF 1.0.8 © 2007-2008 Electron Inc.Queries: 10  |  Page Created In:0.028