Overview
Webuzo provides built-in protection against brute force attacks through its Brute Force Protection feature. This feature helps prevent unauthorized access by limiting the number of failed login attempts from an IP address within a specified time period. When the threshold is reached, the IP address can be temporarily banned or blocked.
Logs
You View Brute Force logs if someone has tried to access your Webuzo Panel and Failed
There are many features available in the Brute force logs, like Remove from logs (You can remove entries from logs), Blacklist Selected IPs, Clear All logs and Export CSV.
You can Edit Brute Force Settings from Webuzo Admin Panel > Home > Settings > Brute Force
You Can Change Default Brute Force Settings in the Brute Force settings Section
Enable/Disable Protection: Choose whether to enable or disable Brute Force Protection for your server.
Maximum Login Failures: Set the maximum number of allowed failed login attempts from an IP address within a specific time frame. This value determines when the IP address will be banned or blocked.
You can Change error message which appear after login has failed
After Changing these settings Click on Save to Save the Changes you have made
Ban Time: Specify the duration for which an IP address will be banned after reaching the maximum login failures. This can be a fixed time period or until manually removed from the ban list.
Blacklist and Whitelist
You can Add IPs to BlackList to disallow them to login to the Webuzo panel.
Whitelist IP Addresses: Add trusted IP addresses to the whitelist to exempt them from Brute Force Protection. This is useful if you have certain IP addresses that should not be subject to the protection mechanism.
Import
You can use the Import function to import Blacklist IPs and Whitelist IPs.