+1
Pending Review

Add Ability to Allow/Block Certain User Agents From Login(IE. Linux)

Wesley123 5 months ago 0

Request to allow only certain User Agents to Login (Like Windows Chrome, Windows Mozilla) and block others (IE. Linux Chromium)
Looking to white list only Windows logins for our use case. 

Reason:

My audit log shows a very persistent brute forcer trying to guess user names. Always comes from different IPs and always from a Linux user agent. We only user Windows and want to prevent all other login attempts. 

Bad login, brute force attempt:

User Name:admin
Result:UserNameInvalid
Address:134.122.6.139
User Agent:Mozilla/5.0 (X11; Ubuntu; Linux i686 on x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2820.59 Safari/537.36
User Source:Cloud

Valid login attempt:

User Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36

Available in Version: