Handle bindip reject in the same way as logon with wrong password

[whinner]

Hi !

If you are using "bindip" on the user account and the user gets a new ip address, the logon request is rejected and the result is logged in the feed. This occurs over and over again and there is no limitation of the attempts.

Is it possible to handle this in the same way as a logon request with wrong password. After "N" attempts with incorrect ip address, the hub should do a "!tempbannick <nic> 2 "Contact OP if you need to change IP-adress" 
If possible, the ban string should be customisable.

[LadyStardust]

Nice suggestion. I would think about new !set setting for this, to choose action taken after failed attempts to login.

[FlipFlop™]

Good idea, but tempbannick is not the right one, since someone else can then trigger an admin nickban by simply connecting from the wrong IP. But temp ipban is possible, just like what happens now on too many wrong passes.

The bindip will have to be updated manually by someone in the hub anyway if the IP actually changed for that account. On a change of bindip the hub could even check if there's a ban with that IP and suggest to unban.

[whinner]

Well,

I think the "ban" type should be based on the available input information.

If someone is trying to logon to a userid -

A) with incorrect password and the "ip address" do not match, the ban should be on the "ip address". 
B) with incorrect password and the "ip address" match, the ban should be on the "userid".
C) with correct password and the "ip address" do not match, the ban should be on the "userid".

With this logic, someone else can not trig an admin nickban. The user ban is only trigged if the correct userid/password or the correct user/ip is used.

But, this is just details. This important issue is the automatic ban...

[FlipFlop™]

Banning on CID (client ID) isn't done in FlexHub.
The CID and PID are too easy to retrieve from someone, so not secure.