MySQL: install the connection_control plug-in to limit the number of login attempts

The Connection-Control plug-in delays the server's response to a client after a certain number of consecutive failed login attempts, which helps prevent brute-force attacks by clients.

 

1. Check whether the plug-in is installed

If connection_control is listed, the plug-in is already installed; if not, continue to the next step.

 

2. Install the plug-in

From MySQL 5.7 onward, the connection_control.so plug-in ships by default in the mysql/data/lib/plugin directory, so it only needs to be installed:

install plugin connection_control soname 'connection_control.so'; # plug-in that limits the number of failed logins
install plugin connection_control_failed_login_attempts soname 'connection_control.so'; # records the number of failures in a table

 

3. Configure the plug-in

Check the installation status

Explanation:

  • connection_control_failed_connections_threshold: the maximum number of consecutive failed attempts (3); 0 means the feature is turned off
  • connection_control_max_connection_delay: the maximum time to block login after the maximum number of failures is exceeded (milliseconds)
  • connection_control_min_connection_delay: the minimum time to block login after the maximum number of failures is exceeded (milliseconds)

To change a setting, run: set global connection_control_failed_connections_threshold=5;

 

4. Modify the my.cnf configuration file

[mysqld]
plugin-load-add = connection_control.so
connection-control = FORCE
connection-control-failed-login-attempts = FORCE
# both delays are in milliseconds
connection_control_min_connection_delay = 1000
connection_control_max_connection_delay = 86400
connection_control_failed_connections_threshold = 3

 

5. Query the status of the plug-in

Connection_control_delay_generated: the number of times connection control has been applied, that is, a delay was added (useful for judging whether brute-force login attempts are occurring)

Setting the connection_control_failed_connections_threshold variable again deletes (resets) the records in the table

 

6. Query the number of failed logins for each account

use information_schema;
select * from connection_control_failed_login_attempts;

If a login is attempted with a user that does not exist, the table records an empty user name, but the specific login IP is still recorded
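
The six steps above as one mysql client session, added here as an example and not taken from the original post: the SELECT/SHOW statements for steps 1, 3 and 5 are the standard MySQL ones, and the values mirror the my.cnf in step 4. The last query, which groups failures by source host, goes beyond what the post shows; its column aliases are illustrative.

```sql
-- Step 1: is the plug-in already loaded? Two rows with PLUGIN_STATUS = ACTIVE
-- mean both components are installed.
SELECT PLUGIN_NAME, PLUGIN_STATUS
  FROM INFORMATION_SCHEMA.PLUGINS
 WHERE PLUGIN_NAME LIKE 'connection%';

-- Step 2: only if step 1 returned nothing (INSTALL PLUGIN fails when the
-- plug-in is already registered).
INSTALL PLUGIN connection_control SONAME 'connection_control.so';
INSTALL PLUGIN connection_control_failed_login_attempts SONAME 'connection_control.so';

-- Step 3: show the current settings, then apply the values used in my.cnf.
-- Note: assigning the threshold resets the per-account failure counters.
SHOW VARIABLES LIKE 'connection_control%';
SET GLOBAL connection_control_failed_connections_threshold = 3;
SET GLOBAL connection_control_min_connection_delay = 1000;   -- milliseconds
SET GLOBAL connection_control_max_connection_delay = 86400;  -- milliseconds (about 86 s)

-- Step 5: how many times the server has delayed a response. A steadily
-- rising value suggests repeated failed logins.
SHOW GLOBAL STATUS LIKE 'Connection_control_delay_generated';

-- Step 6: failed attempts per account, worst first.
SELECT USERHOST, FAILED_ATTEMPTS
  FROM INFORMATION_SCHEMA.CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS
 ORDER BY FAILED_ATTEMPTS DESC;

-- Beyond the post: group by the host part of USERHOST, so one source that
-- fails against many accounts (including non-existent users, which are
-- recorded with an empty user name) stands out.
SELECT SUBSTRING_INDEX(USERHOST, '@', -1) AS source_host,
       COUNT(*)                           AS accounts_tried,
       SUM(FAILED_ATTEMPTS)               AS total_failures
  FROM INFORMATION_SCHEMA.CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS
 GROUP BY source_host
 ORDER BY total_failures DESC;
```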

 

 


Origin blog.csdn.net/sumengnan/article/details/114111579