Your comments
SWEET!!! Thanks!!!
I don't think so.. but then again I have mine set for max 30 minutes without forcing the user to re-authenticate... no matter what. Default is 360.. I suppose folks can forget to log out or have their 2fa stuff stolen.
You should be using two form authentication.. Lot's of horror stories of folks that don't use that...
They were using Connectwise Control without two form:
https://www.pcmag.com/news/ransomware-attack-hits-400-dental-offices-across-the-us
So after upgrading to 21.1... the code has changed a lot in Login.aspx. Any update to this??? I spent a lot of time trying to get an email when I login. Nice to see you guys doing a lot of work on stuff though. Good work.
Decided to bite the bullet. Moved to self-hosted on Windows. Works great so far!
After what happened to Solarwinds... a developer pushing out a signed update that was hacked by the "insert country here"... I won't get anything that is not self hosted.
This is why I said no to automate. Control for Linux hasn't been that great the past year. Not stable at all.
You catch more flies with honey than vinegar or, sometimes you catch more flies with honey. Usually....
This works better.. kinda dirty but works.
if (result == LoginResult.Success)
{
File.AppendAllText(@"/var/log/screenconnect", DateTime.Now.ToString("MMM d H:mm:ss") + " screenconnect(" + Dns.GetHostName() +"): Authentication successful from " + GetIPAddress() + Environment.NewLine);
File.WriteAllText(@"/tmp/temp", GetIPAddress());
this.errorLabel.Text = null;
if (userName.IsNullOrEmpty())
throw new InvalidOperationException(WebResources.GetString("LoginPanel.InvalidUserNameText"));
var threadState = new
{
User = MembershipWebAuthenticationProvider.GetEnabledMembershipProviders()
.Where(_ => _ is IMembershipWithoutOldPasswordProvider)
.Select(_ => _.GetUser(userName))
.FirstOrDefault(),
Url = this.Context.Request.GetRealUrl(),
this.Context.Request.UserHostAddress,
this.Context.Request.UserAgent
};
if (threadState.User != null && !threadState.User.Email.IsNullOrEmpty())
System.Threading.ThreadPool.QueueUserWorkItem(delegate
{
string ipAddress = File.ReadAllText(@"/tmp/temp");
Extensions.Try(() => MailSender.Instance.SendMail(
threadState.User.Email,
"Successful Login from: " + ipAddress,
"Successful Login from: " + ipAddress,
Extensions.TryParseBool(WebResources.GetString("ResetPasswordEmailIsBodyHtml"))
));
});
this.Response.Redirect(this.Context.GetValidReturnUrlOrDefault());
}
Customer support service by UserEcho
You guys do realize we represent like 1% of their business model, right? Windows for the win! B*tches... ;)
What's coming up in 2021.5?
We’re very, very excited to bring you 2021.5 this spring, which includes one of our most-requested features: recording login attempts and lockouts in the audit log. Our developers have spent a lot of time fortifying the security of the product, and we hope this new feature becomes an integral part of your security management.
Additional improvements in 2021.5 include:
See our 2021.5 release notes for more details.
If you’re interested in testing a 2021.5 pre-release version for yourself, check out our download page. As always, we don’t recommend testing a pre-release version on a production server.
To receive email notifications on this latest release, use the "Follow" feature in the 2021.5 Output Stream thread.