how to deal with possible attack on websites
New Post
7/17/2014 2:40 PM
 

Hi, I am getting several failed attempts to log in to our websites. They seem to arrive every 20-30 minutes or so with regularity. Each one has a different username and IP Address, and they are trying to get in to three different websites. I looked up the IP Addresses and they are in very different locations, various parts of the US and Australia as well.

Any suggestions on how to deal with this?

Thanks

Tom

 
New Post
7/18/2014 4:19 AM
 
Tom,
if you are unable to separate suspicious login attempts from regular ones, the only advice is using strong passwords always - especially for privileged users, you may also consider using dedicated account names other than "admin" and "host".
If you don't expect logins from this area, you also may block IP ranges.

Cheers from Germany,
Sebastian Leupold

 
New Post
7/18/2014 1:35 PM
 
Thanks Sebastian. I will be talking to my users about their passwords.
We only really need logins from local network. How would I go about blocking IP ranges? Would I block access just to login page, or how would that work? Can I do that in DNN itself or on the web server?

Thanks

Tom
 
New Post
7/21/2014 3:16 PM
 
An important step in our security appears to be the Login IP Filters inside Host settings. (Our live site is currently running 7.1.2)

For our website, if we could at least prevent logins from outside our network, that would be a great step. Our host/admins only need to log in while on our network (or possibly on VPN). So it would be good protection to block any login attempts from outside our network.

We've tried to test the Login IP Filter on our test server, but maybe not the best use case.

I understand that the Login Ip Filtering is only possible in the scenario where the website has both public and private IP addresses (I believe this is the reason we couldn't properly test this on our test server)

I'm not yet sure what our IP address scenario is on our live site (need to talk with our server team), but if we have both public and private IP addresses, I'd like to try Login Ip Filtering.

A few questions:

- What is the proper way to specify allowing ONLY a specific range of IP addresses to be able to log in?

- Is it safe to test this feature on our live site?

- What is specifically required in terms of public / private IP Addresses for Login IP Filter to work properly?

- Are there other ways to accomplish this kind of protection (if not in DNN, possible in IIS?). Hiding the Login page?

- Has this feature been improved / enhanced in newer releases (7.3)?

- Any other tips for website security?

I'm still getting hourly attempts to log in to our website...

Thanks. Please let me know if there is any more information I can find about Login IP Filter, and DNN website security in general. This is a big concern to me. Also let me know if you think I should start a new thread for this subject.

Tom
 
New Post
7/21/2014 7:38 PM
 
Maybe another approach would be to restrict our Login page itself (and maybe all Admin pages) to users on our network.

If that worked, then the bots/spammers, etc wouldn't even be able to get to the login page to make a login attempt. Right now I'm getting about two failed login attempts per hour, each with a different username and IP address. They are coming to three of our portals.

Is it possible to restrict login/admin pages to be viewed only by users on our network, (through IP Address filtering or some other means)?
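
Added example (not part of the original posts, and not DNN code): one way to separate the suspicious attempts from regular ones, as raised earlier in the thread, by checking each failed login's source address against the networks logins are expected from and measuring how the outside attempts are spaced. The log line format, portal names, usernames and network ranges are assumptions constructed for illustration; this is not DNN's own log format.

```python
import ipaddress
from datetime import datetime
from statistics import median
# Assumption: ranges legitimate logins come from (placeholder values).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.10.0/24")]
# Constructed sample, one failed login per line: timestamp portal username source_ip
SAMPLE_LOG = """\
2014-07-17T09:02:11 portal-a jsmith 198.51.100.23
2014-07-17T09:15:40 portal-a tom 10.1.4.17
2014-07-17T09:27:45 portal-b admin 203.0.113.80
2014-07-17T09:51:02 portal-c webmaster 192.0.2.14
2014-07-17T10:14:30 portal-a host 198.51.100.201
2014-07-17T10:40:09 portal-b test 203.0.113.5
"""

def parse_events(text):
    """Return (time, portal, user, ip) tuples, skipping malformed lines."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            events.append((datetime.fromisoformat(parts[0]), parts[1],
                           parts[2], ipaddress.ip_address(parts[3])))
        except ValueError:
            continue  # bad timestamp or address
    return events

def is_internal(ip):
    return any(ip in net for net in INTERNAL_NETS)

def summarize_external(events):
    """Describe failed logins that come from outside the expected networks."""
    ext = sorted((e for e in events if not is_internal(e[3])), key=lambda e: e[0])
    gaps = [(b[0] - a[0]).total_seconds() / 60 for a, b in zip(ext, ext[1:])]
    ips = {e[3] for e in ext}
    return {
        "attempts": len(ext),
        "distinct_ips": len(ips),
        "distinct_users": len({e[2] for e in ext}),
        "portals": sorted({e[1] for e in ext}),
        "median_gap_min": round(median(gaps), 1) if gaps else None,
        # One attempt per source never trips a per-IP failure counter.
        "one_attempt_per_ip": len(ext) > 1 and len(ips) == len(ext),
    }

if __name__ == "__main__":
    print(summarize_external(parse_events(SAMPLE_LOG)))
```

In this sample every outside attempt uses a new address and username, so per-IP or per-account lockout counters never trigger, while a check against the expected networks singles out all five.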

 