| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Odoo Apps Dependencies |
Discuss (mail)
|
| Lines of code | 584 |
| Technical Name |
db_bruteforce_guard |
| License | LGPL-3 |
| Versions | 17.0 18.0 19.0 |
| ODOO 18 READY | COMMUNITY | ENTERPRISE |
Database Brute Force Guard
Track failed logins, alert administrators, and automatically block attacking IP addresses.
Screenshots
See the blocking flow first, then review configuration, logs, IP states, and email alerts.
Automatic IP Blocking in Action
After repeated failed login attempts, the suspicious IP is blocked and the event is stored for review.
Security Menus in Settings
Administrators can open configuration, login attempts, and IP state records from the backend menu.
Configure Failure Window and Thresholds
Set when to send alerts, when to block an IP address, and whether geolocation lookup should be enabled.
Review Login Attempt History
Each failed, successful, and blocked login attempt is recorded with request and device information.
Monitor Blocked IP Addresses
Track failure count, last login tried, blocked status, location details, and manual unblock actions.
Blocked Login Protection
Blocked source IP addresses are stopped before authentication continues.
Email Alert to Administrators
Administrators receive a security notification when suspicious login activity reaches the alert threshold.
Feature Highlights
- Track failed, successful, and blocked login attempts.
- Rolling failure window per source IP address.
- Automatic IP blocking after configurable failed login threshold.
- Email alerts to configured recipients or system administrators.
- Request metadata capture: route, method, browser, OS, device, and forwarded IP.
- Optional geolocation details: country, city, region, timezone, ISP, and organization.
- Backend audit views for login attempts and IP states.
- Manual unblock action for blocked IP addresses.
Quick Setup
- Install the module.
- Open Settings and go to Login Security.
- Configure the failure window, alert threshold, block threshold, and recipients.
- Review security attempts and unblock trusted IP addresses when needed.
Q: Does it work for both Community and Enterprise?
A: Yes, Odoo 18 Community and Enterprise are both supported.
Q: Can I change when alerts and blocking happen?
A: Yes, administrators can configure the alert threshold, block threshold, and failure window.
Q: Can blocked IP addresses be unblocked manually?
A: Yes, system administrators can unblock IP addresses from the backend IP States view.
Q: Is geolocation required?
A: No, geolocation lookup is optional and can be disabled from configuration.
v18.0.1.0.0
- Initial release for Odoo 18.
- Failed, successful, and blocked login attempt tracking.
- Automatic threshold-based IP blocking.
- Administrator email alerts and backend audit views.
- Optional geolocation enrichment for public IP addresses.
Support
Questions, fixes, and customization requests: optinassist@gmail.com
Please log in to comment on this module