I got on my 1.4.1 forum the following pm :
An account was just locked. Below are the details.
Account Locked: XXXXX
IP For Who Locked It: 91.213.50.235
This is an automated response, do not reply. If you have an IP tracker installed, check the above IP against the ones you have stored in the database.
And repeated 80 times, for 80 different accounts, last 24 hours... My best guess is that someone tries to brute force all account one after the other.
Two questions :
- how can I prevent that (IPs are different everytime...)
- how can I reset the security so that all those members do not need to answer their security question (preferably by myphp to do it automatically).
I also must mention that all administrator accounts, including mine, where targeted too, and I had to use several time the captcha procedure to unblock my own account...
Thanks <img>
sanji