Hi all. We've a problem with login packet. We're using hAuthd. Sorry about my english :-( When someone tries to log in there is another IP(attacker) which log in same account after few seconds. There is CACHED IN log: 09/30/2010 06:37:12.968, 803,234137,122694,,,180156,-108264,-5832,OWNER_IP,,,0,0,96,80,331,,,,,,Nick,account,,, 09/30/2010 06:37:51.484, 803,234137,122694,,,180156,-108264,-5832,ATTACKER_IP,,,0,0,96,80,331,,,,,,Nick,account,,, Thank you for the advice
This only happens when 2 people try to log the same account. It has nothing to do with a "stolen login packet". Not necessarily an "attacker" unless someones reporting stolen stuff from that account. Could also be an AIO account if those exist on your server. People's accounts aren't locked to their IP addresses and often times will share an AIO account or buffer accounts. Options: ban the IP..lol. Files->Black IPs add the IP to this list, save. Files->Reload then id suggest if you have an admin panel, searching for the IP and seeing if hes logged any other accounts. if you really want to block him you can also block his IP with GhostWall (it's free) if you want to block him from the website only you can add this to your .htaccess file: <Limit GET> order deny,allow deny from IPaddresshere </limit> ..this topic needs to be moved, it has nothing to do with depmax