Jeremey,
I wrote a program for that purpose for some adult sites a while back. My
solution was to write a cron script that every 5 minutes analyzed a
section of the access logs for the requets by authed users and the
compared acess times with IP's the authed user was connecting from. This
solution worked well most of the time ;-). A problem was dealing with
really large proxys like AOL. When my program found a suspicious user
making many requests in a short time from more that 4 different IP's, then
the program automatically changed the password ,emailed me with the
information on its actions and the user with that username is
automatically emailed too. From the email and a little more research, I
decide whether or not reinstate it or trash it.
Just my $.02,
Bill
--
Bill Desjardins - [EMAIL PROTECTED] - (USA) 305.205.8644
Unix/Network Administration - Perl/Mod_Perl/DB Development
http://www.CarRacing.com - Powered by Mod_Perl!
Free WebHosting for Race Tracks, Race Teams and Race Shops
On Wed, 5 Jan 2000, Jeremy Wilson wrote:
> I figure someone, somewhere has done this already, so I thought I might ask
> here.
>
> What I need to do is limit the number of times a user can connect to the
> webserver. Basically, if user x is authenticated from more than y number
> of IPs within z minutes, I want the authentication to be declined.
>
> Does such a module already exist?
>
> Thanks for any help...
>
