Hello. Our ELGG installation is under attack. A massive flood of hits on /action/login is slowing the site down to a crawl. With nginx, I can block (444) all hits on /action/login to allow browsing the site, but then no users can login. Is it possible to change /action/login to - say - /action/rogin or another script/path?
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- Nikolai Shcherbin@rivervanrain
Nikolai Shcherbin - 0 likes
- nekhbet@nekhbet
nekhbet - 0 likes
- Nikolai Shcherbin@rivervanrain
Nikolai Shcherbin - 0 likes
- nekhbet@nekhbet
nekhbet - 0 likes
- Nikolai Shcherbin@rivervanrain
Nikolai Shcherbin - 0 likes
- nekhbet@nekhbet
nekhbet - 0 likes
- Nikolai Shcherbin@rivervanrain
Nikolai Shcherbin - 0 likes
- nekhbet@nekhbet
nekhbet - 0 likes
- Nikolai Shcherbin@rivervanrain
Nikolai Shcherbin - 0 likes
You must log in to post replies.Elgg version?
Elgg version : Release - 2.3.8, Version - 2016092300
1 - Override this view:
to add a new form\action
2 - For example, create a new form/action:
Just copy login form/action and paste to same directories as connect form/action.
Read code to understand more.
3 - Unregister the exists action/login:
And register your own custom action/connect:
All in start.php of your custom plugin.
(You can use My plugin for Elgg 2 for that).
Server side solution:
my_plugin does not show up in the admin/plugins applet.
Read this reply.
It's same for my_plugin.
Keep in your minds, this is a skeleton plugin and you must add your own cudtom views and make code.
Nothing works. I tried to use the start.php from the Front Page demo. I'm not sure where "$body = elgg_view_form('connect');" goes either. I give up. 20K users on our site are out of luck.
Have you read the documentation on the links I mentioned?
Over and over. It's gibberish. All that was needed was to have changed the login path.
If you had installed Elgg 3 then I would have given you 2 lines of code and that's it.
In your case, I need to take the time to write a few lines of code for you, create a few files and put them into a separate custom plugin.
All you need to do is read the documentation and do as I wrote above.