How can I exclude certain IP addresses from throttling restrictions without hacking the system files?
This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.
The active forums are here.
April 27, 2012 11:03am
Subscribe [2]#1 / Apr 27, 2012 11:03am
How can I exclude certain IP addresses from throttling restrictions without hacking the system files?
#2 / Apr 27, 2012 1:02pm
Which type of throttling? Bad passwords?
If yes then I think your best bet is to write an extension that hooks into member_member_login_start. You would check the current IP against your list, and then delete the relevant entries from the exp_throttle table.
#3 / Apr 27, 2012 1:07pm
Thanks for your reply. I am referring to the built in throttling found in Admin > Security & Privacy > Throttling Preferences in the EE Admin.
#4 / Apr 27, 2012 1:33pm
Doh, my last post should have said “exp_password_lockout” instead of “exp_throttle.”
EE does not have any throttling hooks, so I would still follow the rough process outlined in my last post but implemented on a different hook:
* Use sessions_start to run code on every page load.
* Match $this->EE->input->ip_address() against your list to avoid extra DB hits.
* If matched, DELETE FROM exp_throttle WHERE ip_address = “[their IP]”
Does that make sense? Throttling is done early in the load to avoid unnecessary overhead for blocked users. This extension will essentially follow up later and remove the current IP from the throttle watch list.