Authentication: Anti-hammering / Login blocker

Maintained by Picture of Sebsoft PluginsSebsoft Plugins, Picture of Rogier van DongenRogier van Dongen
The Sebsoft Anti Hammering Authentication Plugin offers you the possibility to prevent hammering your login system. This plugin can be configured to "smart detect" so called hammering on IP basis or for users in general.
108 sites
11 fans
Current versions available: 4


The Sebsoft Anti Hammering Authentication Plugin offers you the possibility to prevent hammering your login system.

This plugin can be configured to "smart detect" so called hammering on IP basis or for users in general.

Hammering is the process of pretty much brute force attacking Moodle's login system.

This plugin detects the IP address of the remote client, and will track the entered username (and, if the

username exists, also the Moodle userid) and stores it's information to block the user and/or IP address

depending on the configuration of your authentication plugin.

When the plugin has been installed, you should enable or disable blocking by IP and/or username and

configure the timespan at which detection is valid and number of times an attempt can be made.

This plugin can also be configured to make use of the messaging API in moodle.

This is a specific setting that needs to be enabled; if not configured the messaging API will not be used.

Please note receiving messages is not configured for everybody by default. Every applicable person (usually

administrators) MUST configure their preferences if they'd like to receive these messages.

Moodle's lockout system vs Antihammer:

Moodle already has the capability to (temporarily) lock out users

However, this plugin will add to that functionality, enabling to also take a look at specific IP usage of users trying to login.

There is *no* interaction with the lock out users system of Moodle.

If you want to be able to use the default method of Moodle account locking, but want to use

this plugin for the additional functions of being able to block hammering/testing of passwords

from a certain IP, you need to enable the IP Settings of the antihammer plugin.

You *need* to keep the User mode/setting disabled if you wish to keep Moodle's standard account lockout.

Furthermore this function differs from the Moodle implementation as Moodle will also allow

you to configure if you want to send an e-mail with a unlock link.

The Antihammer authentication method does not do this, as it's more of a way to

provide additional security and possibly block attacks with admin notification.

*Warning*: Whatever you do, do *never* enable both the user mode in Antihammer

AND the account lockout feature together, this may/will cause unintended side effects.

Important note:

This plugin does not neccessarily prevent brute force hacking when IP detection is not configured.

When the only checks are done based on the username, and an attacker uses a different username on virtually

every request (dictionary hacking), a lot of log/status records will be created, but this plugin can't

really do anything (simple because the username is differing too often). In that case IP blocking might help.

Please note this authentication plugin creates administration menu items to view the logs and status tables.


- Copy the antihammer folder to your auth directory.

- Configure your authentication plugin.

- We're ready to run!


Screenshot #0


Picture of Sebsoft Plugins
Sebsoft Plugins (Lead maintainer)
Picture of Rogier van Dongen
Rogier van Dongen: Lead maintainer / developer
Please login to view contributors details and/or to contact them

Comments RSS

Show comments
  • Picture of Plugins bot
    Wed, Oct 28, 2015, 4:24 AM
  • Picture of David Mudrák
    Tue, Nov 17, 2015, 5:42 PM

    Your bug tracker gives "Access denied".

  • Picture of David Mudrák
    Tue, Nov 17, 2015, 7:25 PM

    Thanks. Please see your bugs tracker for couple of issues spotted while reviewing this. At least the redirect thing should be fixed before we approve this plugin here. Thanks for your patience with the review and approval process.

  • Picture of Sebsoft Plugins
    Tue, Nov 17, 2015, 7:31 PM
    Thank you, will be working on them soon and providing an improved version as soon as we can. Thanks for your feedback smile
  • Picture of David Mudrák
    Sat, Jan 9, 2016, 3:59 AM

    Thanks for the updated version and all the fixes. Sorry for the delay in the review caused by the holiday break. You are cleared to land now, welcome to the Plugins directory.

  • Picture of Bert van der Hooft
    Mon, Aug 15, 2016, 12:18 PM
    In moodle 3.0 and 3.1: cronjob hangs. When is a new working version to be expected?
  • Picture of Rekha C
    Fri, Jan 13, 2017, 12:14 AM
    Hi, Please provide for 3.2 soon
  • Picture of Sebsoft Plugins
    Wed, Feb 1, 2017, 12:58 AM
    We're currently testing the new version for 3.2 in our internal tests.
  • Picture of Rogier van Dongen
    Thu, May 11, 2017, 10:34 PM
    New version is here!
    No real changes (except for a small few additions, changes to adhere to Moodle's Coding Standards).
    Functionality tested on Moodle 3.0, 3.1, 3.1 and 3.3

  • Picture of Rekha C
    Sun, Sep 24, 2017, 6:35 PM
    In moodle 3.3, When I click on reports or Logs, 'Coding error detected, it must be fixed by a programmer: PHP catchable fatal error'.
  • Picture of Rogier van Dongen
    Mon, Nov 6, 2017, 8:06 PM
    New version!
    pix_url has been replaced with image_url()
    Version requirement for Moodle: 3.3 and onwards.
    @Rekha: I've not been able to reproduce as of yet, and also still waiting on a response to the private message I sent.
  • Picture of Pusdiklat BMKG
    Sun, Dec 29, 2019, 6:49 PM
    Please kindly make it available on moodle 3.5, 3.6, 3.7,3.8. Thank you.
Please login to post comments