Errors triggered after "you've reached your login attempts threshold"

[a10]

Have seen this a few times, starts with some normal error messages, from some legit member and ip, example:
Password incorrect - tdf233
&
Sorry, but you've reached your login attempts threshold. Please wait 30 seconds and try again later.

From there it produces 100's of errors labeled Guest, all with the same timestamp. Examples:

2: in_array() expects parameter 2 to be array, null given
Apply Filter: Only show the errors from this file
File: /customers/1/9/*/httpd.www/forum/Sources/Security.php
Line: 839

2: array_unshift() expects parameter 1 to be array, null given
Apply Filter: Only show the errors from this file
File: /customers/1/9/*/httpd.www/forum/Sources/Load.php
Line: 1594

8: Undefined index: smiley_set
Apply Filter: Only show the errors from this file
File: /customers/1/9/*t/httpd.www/forum/Sources/Load.php
Line: 1550

8: Undefined index: email
Apply Filter: Only show the errors from this file
File: /customers/1/9/*/httpd.www/forum/Sources/Load.php
Line: 1541

2: array_intersect(): Argument #2 is not an array
Apply Filter: Only show the errors from this file
File: /customers/1/9/*/httpd.www/forum/Sources/Security.php
Line: 842

2: implode(): Invalid arguments passed
Apply Filter: Only show the errors from this file
File: /customers/1/9/*/httpd.www/forum/Sources/Subs.php
Line: 3917

+ a few hundreds more, then stops, all within the same minute.

No other errors, only these immediately appearing after the failed login.
Thanks
   

[kat]

I would suspect that it's someone trying to "Brute-force" entry.

Quite why you're getting the file errors, I couldn't even begin to speculate, though.

Can you attach, say, Load.php, so that we can take a gander at it?

[a10]

I would suspect that it's someone trying to "Brute-force" entry.

Hello, thanks for replying. Doesn't look like any brute. As mentioned, the initial 'normal' errors are from well known members using legit ip's. The subsequent 100's of errors comes immediately after the 'Please wait 30 seconds and try again later'.

Load attached.

[kat]

That file seems fine, to me. A thought crossed the emptiness of my mind, though... I wonder if your php version's kinda old and discumboobilated...?

[a10]

if your php version's kinda old

see http://one-docs.com/specs/ (they are preparing to go php 5.5)
Just the 1 minute long deluge of errors started by the failed login. Zero errors before or after, and forum working very good.

[a10]

If anyone is interested in investigating the cause, here's the complete list off errors for one member trying to log in, errors immediately generated after the failed login, then suddenly stopped. Thanks.

[kat]

Rather odd, this...

If you go to the Forum Maintenance section and repair things, does anything peculiar manifest itself?

[a10]

Forum Maintenance section and repair things, does anything peculiar manifest itself?

Hello, no errors and nothing to repair, and forum works great. Apart from the subject of this topic, never any forum related errors in the log, just a few normal 'password incorrect' now and then.

[kat]

Does your forum really reside at an httpd URL? (I'm fishing, here, as you may have noticed)

[a10]

Does your forum really reside at an httpd URL?

No. A very normal http://www.

[margarett]

Can you attach Security.php?

[a10]

Security.php attached. Only (known) modification in there is 'redirect banned users', installed without errors and works well.

[margarett]

I'll have to check only later, sorry. I can't get my computer with internet...
(I'm now on the phone)

[kat]

Odd... I wonder why the errors are referring to "/httpd.www/forum"...

Maybe Bruno has a cunning plan...

[margarett]

That's probably just the name of the folder structure on his server. Usually it's www or public_html but a name is just a name

Sorry, definitely can't get my computer online so I can only check this at weekend, at best.

[kat]

Ta, mate. Never seen that, before. I know it's a Hypertext Transfer Protocol Daemon thingy, that waits for requests to come in from the rest of the Web. Just never seen it. before, and didn't expect it to appear in error messages, like that.

[a10]

^^^ "Apache httpd has been the most popular web server on the Internet since April 1996"  http://httpd.apache.org/

/customers/1/9/0/******.net/httpd.www/ is the (correct) path set in 'Server Settings' SMF Directory, Sources Directory, Cache Directory.

About the errors, not seen again, and will probably not happen before someone again triggers the 'Sorry, but you've reached your login attempts threshold'.

[margarett]

I just tried that and I can't reproduce it, sorry. Not with or without that MOD installed...

[a10]

Hello, thanks to those who looked at this. Also tried reproducing the error with no result, & nothing in the error logs since this initially happened, only a few normal 'Password incorrect's.

Supposing we can archive this (and reopen the topic should it ever reoccur, or getting reports of some similar stuff). Thanks.

[a10]

New dose of 100's of errors today, same member as before trying to log in, using same ip, all starting with a 'Password incorrect'. Apart from this, zero errors. Member & ip is legit. A few examples:

http://www.*/forum/index.php?action=reminder;sa=picktype
2: in_array() expects parameter 2 to be array, null given
File: /customers/1*/httpd.www/forum/Sources/Security.php
Line: 839

http://www.*/forum/index.php?action=reminder;sa=picktype
2: array_intersect(): Argument #2 is not an array
File: /customers/1/*/httpd.www/forum/Sources/Security.php
Line: 842

http://www.*/forum/index.php?action=reminder;sa=picktype
2: implode(): Invalid arguments passed
File: /customers/1/*/httpd.www/forum/Sources/Subs.php
Line: 3917

http://www.*/forum/index.php?action=reminder;sa=picktype
8: Undefined index: total_time_logged_in
File: /customers/1/*/httpd.www/forum/Sources/Subs.php
Line: 3260

http://www.*/forum/index.php?action=reminder;sa=picktype
8: Undefined index: time_format
File: /customers/1/*/httpd.www/forum/Sources/Subs.php
Line: 792

http://www.*/forum/index.php?action=reminder;sa=picktype
8: Undefined index: smiley_set
File: /customers/1/*/httpd.www/forum/Sources/Load.php
Line: 1550

edit: member also tried from another ip (legit). & latest error sql attached.