Log bruteforce throttle and blocking

Signed-off-by: Joas Schilling <coding@schilljs.com>

diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php
index 6c898cdf7e6c493c24e605a3b54ec80638c9fef7..411a8a0763d8fd05ca20af7ddfec94c370e93544 100644 (file)
--- a/lib/private/Security/Bruteforce/Throttler.php
+++ b/lib/private/Security/Bruteforce/Throttler.php
@@ -350,9 +350,20 @@ class Throttler {
        public function sleepDelayOrThrowOnMax(string $ip, string $action = ''): int {
                $delay = $this->getDelay($ip, $action);
                if (($delay === self::MAX_DELAY_MS) && $this->getAttempts($ip, $action, 0.5) > self::MAX_ATTEMPTS) {
+                       $this->logger->info('IP address blocked because it reached the maximum failed attempts in the last 30 minutes [action: {action}, ip: {ip}]', [
+                               'action' => $action,
+                               'ip' => $ip,
+                       ]);
                        // If the ip made too many attempts within the last 30 mins we don't execute anymore
                        throw new MaxDelayReached('Reached maximum delay');
                }
+               if ($delay > 100) {
+                       $this->logger->info('IP address throttled because it reached the attempts limit in the last 30 minutes [action: {action}, delay: {delay}, ip: {ip}]', [
+                               'action' => $action,
+                               'ip' => $ip,
+                               'delay' => $delay,
+                       ]);
+               }
                usleep($delay * 1000);
                return $delay;
        }