Hi,<br><br>I would like to get involved with RoundCube development and thought I would try to add this feature: <a href="http://trac.roundcube.net/ticket/1486636">http://trac.roundcube.net/ticket/1486636</a><br><br>Before I begin, I would like to check if this feature is actually desirable to the dev team?<br>
<br>My initial thought on how to implement this would be:<br><br>Add three new config settings - ban_ip_enabled, ban_ip_threshold, ban_ip_length<br>Add a new SQL table (banned_ips) with three fields - &quot;ip&quot;, &quot;failed_login_count&quot; and &quot;expiry_time&quot;<br>
Make two modifications to program/include/rcmail.php:<br>    ~ line 613: after a failed login attempt failed_login_count is incremented for this IP, and the expiry_time is set to (now + ban_ip_length)<br>    ~ line 551: before checking if the user/hostname is valid, check that &#39;SELECT count(banned_ip) FROM banned_ips where IP=$remote_ip and failed_login_count &gt; $ban_ip_threshold and expiry_time &gt; NOW()&#39; returns 0<br>
<br>ban_ip_enabled would be checked before performing either of the checks above.<br><br>I would appreciate comments/suggestions on this approach. Also, I am not quite sure of the best way to clear out the expired entries from the banned_ips table. Is there some internal RC mechanism for performing tasks (in this case, issuing a SQL query to delete old entries) at specified intervals?<br>
<br>Cheers,<br><br>Mike<br><br>