Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Route Access Log and Additional Route Features #113

Open
21 tasks
ShawnClake opened this issue Apr 19, 2017 · 0 comments
Open
21 tasks

Route Access Log and Additional Route Features #113

ShawnClake opened this issue Apr 19, 2017 · 0 comments

Comments

@ShawnClake
Copy link
Owner

ShawnClake commented Apr 19, 2017

Add a Route Access Log. This would track:

  • The latest users to access a route.
  • Successful attempts
  • Failed attempts
  • Last successful attempt
  • Last failed attempt
  • Problematic Roles, Groups, IP's or Users
  • Which users, roles, groups, IP's are accessing the route the most

It would add settings for:

  • How big of a history to track for each route. Default: the last 200 accesses, 0 means unlimited
  • DB log or file log or both. Use radio buttons
  • Enable Throttle and deny spam attempts
  • Throttle threshold. Measured in attempts per minute
  • Maintenance page destination
  • Route denied page destination. This would be a default if one isn't set in the component inspector

Changes to Features:

  • Current enable switch becomes a enable restrictions switch
  • If only whitelist restrictions exist, then assume no one can access the page except those people who are whitelisted
  • If only blacklist restriction exist, then assume everyone can access the page (Except people who arent logged in) except for those people who are blacklisted.

Add features for:

  • Clear individual route logs
  • Clear all route logs
  • Only tracking a route without restricting it. Guest attempts should still be logged via IP. This could be used to thwart DDoS or hack attempts
  • Add a radio button set for putting a route into enabled, maintenance mode, or hidden mode. It will do nothing special on enabled. Maintenance: This will redirect to the maintenance page ONLY if you have access, otherwise you will go to the denied access page. Hidden: This will make it appear as if the page doesn't exist to all users except those logged into the backend.
  • Denying access if you cross the threshold in route attempts. This applies to ALL routes and not just a single route.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant