Admin log-in attempt monitor
To assess the benefits of our Fair Log-in gate keeper plug-in, we conducted a test in which we logged all IP addresses that called our back-end admin webpage over eight (8) full days. For the assessment, we used the Business Edition of our plug-in, set up to log all back-end page calls as well as each IP's originating country.
Preliminary remarks
- All foreign IPs calling our back-end admin page were logged, and each IP was immediately blocked from subsequent access. Please note that the calling IP had merely called the page, i.e. it had not tried to log into the back-end.
- Page calls from our own country (Netherlands) were not logged and are therefore not included.
- We had noticed at an earlier stage that back-end page calls from a given country were significantly less frequent when subsequent page accesses by the IP were not being blocked.
- In this test, we experienced a huge number of page calls originating from only very few countries, as if our blocking of the calling IP address triggered a renewed attempt under a different IP address, causing an avalanche-like process.
Results
- Over the whole test period, i.e. 8 x 24 hours, a total of 6745 back-end page calls by 6745 IP addresses were recorded, which averages one page call every 1.7 minutes.
- The top 5 countries (IP origin) are responsible for 88.5 % of the page calls. The top 5 countries are all outside the European Union.
- The highest share of page calls is from Russia: 74.8 %. Second is Ukraine with 8.3 %.
View / download
You may view or download the log summary of this test here (PDF).
Please note: We will not share the full individual records of this test.
Conclusion
The total number of back-end page calls was significantly greater than we had expected, considering who may have an interest in accessing the back-end of our website. We want to stress again that all these page accesses were NOT log-in attempts, but still... who may want to visit our back-end admin page in the first place?
The Business Edition (J25 / J3x) of our Fair Log-in plug-in facilitates the blocking (and optional logging) of back-end page calls, before these can evolve into log-in attempts. It is therefore an excellent preventive measure against unwanted log-in attempts to the back-end.
Innato BV
22-Aug-2015