Home

The Brute Force Stop (bfstop) plugin monitors each failed login attempt, and logs it to the database. If so configured, it can send out a notification for each or a limited number of failed login attempts per day. When running a server which is at least somewhat frequented, this is not such a good idea, as there is usually not much to be done when such an attempt happens; so the default option is to not notify about failed login attempts. If the number of failed login attempts exceeds an amount given in the configuration, the plugin will prevent any further access to Joomla! from this IP address - meaning the assumed attacker can not try to login anymore, he only sees a (configurable) message that he has exceeded the number of allowed login attempts, and is therefore banned. The ban is permanent at the moment (see Known Issues), and apart from looking at the database there is no way to see the currently blocked IPs (also see [Known Issues]).

If you want to start using the plugin, have a look at these pages:

• [Download and Installation](wiki/Download and Installation)
• Configuration
• [Known Issues](wiki/Known Issues)
• Roadmap
• FAQ