0 views collected around this technical thread.
This article introduces the lightweight Lua scripting language, outlines its key features and typical use cases, and provides a complete example of using Redis together with Lua scripts (and a Java client) to enforce IP‑based login‑attempt limits for improved security.
Learn practical methods to identify users who exceed three failed login attempts within ten seconds, covering both a MySQL log‑table approach with window functions and a Redis‑based solution with key expiration, plus discussion of performance trade‑offs and atomicity considerations.
This article explains three PHP‑based techniques—captcha verification, encrypted parameter transmission, and dynamic token validation—to protect web login pages from automated crawling and credential‑stealing attacks, while also noting their limitations and implementation details.
This article examines common security risks such as brute‑force attacks, CAPTCHA bypass, login throttling, IP blocking, man‑in‑the‑middle threats, and outlines practical mitigation techniques including CAPTCHA, rate limiting, IP restrictions, mobile verification, HTTPS enforcement, and data encryption to harden web login functionality.
Designing a login interface requires not only functional implementation but also comprehensive security measures such as protecting against brute‑force attacks, implementing captchas, login throttling, IP restrictions, mobile verification, and mitigating man‑in‑the‑middle threats, while balancing usability and system robustness.
This article examines common security threats to login APIs such as brute‑force attacks, CAPTCHA bypass, IP blocking, and man‑in‑the‑middle attacks, and presents practical mitigation techniques including rate limiting, captcha, phone verification, HTTPS, and encrypted transmission to harden authentication systems.
This article explains how to record login failures, lock accounts after multiple errors, block client IPs based on IP ranges, and limit login attempts using server variables, database checks, and PHP session handling, providing complete code examples for each technique.
This article examines common security threats to login APIs such as brute‑force attacks, man‑in‑the‑middle interception, and credential enumeration, and presents practical countermeasures including captchas, IP and account lockout, mobile verification, HTTPS enforcement, and comprehensive logging to harden authentication systems.