Do not continue to increased failed attempts/unauth access count, if they're blacklisted

Version 1.61.0


The 2222 failed attempts and unauthorized attempts counters were trying to count up, after the IP was already added to the ip_blacklist. The issue was that the moment the IP is added to the blacklist, the data/admin/ip_access/ folder is deleted so that the IP can be cleared from the ip_blacklist and continue to login one the admin clears it, or the removal time kicks in. This should only be a cosmetic error causing extra log entries, eg: 2020:02:22-12:55:57: Error opening ./data/admin/ip_access/ for appending count: No such file or directory which should be caused by the ip_blacklist having the already, added in the same process just before DA tries to increase the count.. but the directory is gone, hence the error. Future requests should blocked by the ip_blacklist, so it shouldn't get this far again. Also bug with Evolution where it needs to check for the header: X-DirectAdmin: blacklisted since the block output is generated before anything is parsed, so the json=yes in the POST or headers is fully ignored, and the output isn't json (ever). Thus the header response is the only reliable source of knowing of the blacklisted value, so it gives the proper message (bug is that it says "wrong user/pass" instead of blacklisted.) ---- EVO:1835

Interested to try DirectAdmin? Get a 30-day Free Trial!