Abandon Domoticz login screen based on country

[zicht]

Hi

Important edit :
-- DO NOT USE THE BELOW CODE on Login.HTML -->> IT CREATES A SECURITY RISK !!! --
(better use similar in index.html, tested and no security risk so far discovered)

I suffer from some annoying people and bots that try to login to domoticz from all over the world. Mostly Azia, America, Africa)
Luckey they did not succeed and i have set up allready a VPN service to avoid it

Never the less i was thinking of a nice "improvement"/adjustment to avoid this and i wanted to share for anyone that can benefit from it.
The code i have implemented in login.html just after </style> :

Code: Select all

<script>
function mijnding(){
<!-- Detect local or not -->
	$.get("https://ipinfo.io", function(response) {
	console.log(response.ip);
	document.getElementById("IP").innerHTML = response.ip;
	document.getElementById("Country").innerHTML = response.country;
	if (response.country != 'NL' ) {$(location).attr('href', 'http://hmpg.net/') }
	}, "jsonp");
}
mijnding()
</script>

And after the last</Div>

Code: Select all

<center>
<Div id="IP" style="font-size:70%"></Div>
<Div id="Country" style="font-size:70%"></Div>
</center>

So now all outside of NL are redirected to the end of internet Whoehoe

(edit : corrected typo)

[Egregius]

Why not just run fail2ban and ban any ip that does a failed login attempt? 1 fail = 10 minutes blocked, 2 fails = 1 week blocked.

[zicht]

If you tell me how to run fail2ban on windows ?

(could not get the rPi family proof unfortunately,
and had allready a windows laptop running 24/7, so combined it,
yeah i know I am lazy )

[Egregius]

Oh, in that case...
Maybe use scopes in your firewall so only subnets from The Netherlands have access?