Good afternoon all, I am looking for a way to disable a user account after he or she has attempted ten unsuccessful login attempts. Thanks for your time.
Good afternoon all, I am looking for a way to disable a user account after he or she has attempted ten unsuccessful login attempts. Thanks for your time.
You can check the below link for Defender Functionality which will allow to disable/block user access.
Please late me know if you face any issue.
You store the number of login attempts in session:
if($incorrectPassword)
Yii::app()->session['loginAttempts'] = Yii::app()->session['loginAttempts'] + 1;
Then, you limit the login attemps like this:
if(Yii::app()->session['loginAttempts'] == 5)
die('Maximum login attempts reached');
Alternatively, you can limit the user attempts by IP. Then, you use $_SERVER[‘REMOTE_ADDR’] to get the user IP.