  1. #1
    wuss
    Reputation: dropadrop's Avatar
    Join Date
    Sep 2005
    Posts
    2,364

    Failed Login Notification

    I just got a "Failed Login Notification" email from mtbr regarding my account. Prior to this I had tapatalk suddenly fail to login a few times, and it's probably the cause.

    However there is potentially quite a serious problem with the way this feature has been configured. It tells me:

    The person trying to log into your account had the following IP address: 10.200.5.252
    That's not the IP I see on my phone, but nevertheless it's a private IP which only exists on a local network. This would imply that instead of getting the IP address from the request that attempts to log in, you are looking for an x-forwarded-for header or something similar. If you are doing the same for the login attempt it means I could block access for 90% of people on the forums in about one minute...

    1. Make a script which attempts to log in to some random accounts, over 5 times each
    2. For each of the attempts change the x-forwarded-for header to have an IP from ranges 192.168.0.1-254, 192.168.1.254 and most common 10.x ranges.
    3. These IPs will be blocked, but they are the private IPs used in all consumer routers, meaning that all users that have a router which includes the client's private IP in an x-forwarded-for header will be blocked from the forum for 15 minutes.

  2. #2
    mtbr member
    Reputation: albertdc's Avatar
    Join Date
    Mar 2007
    Posts
    427
    I got the same login notification this morning with tap a talk failing to log in. The op is spot on - my failed ip address was identical to his.
    I changed my password via a web browser and then got things working again, but I wonder what was going on this morning.


    Sent from my Galaxy S3

  3. #3
    wuss
    Reputation: dropadrop's Avatar
    Join Date
    Sep 2005
    Posts
    2,364
    If you had the same IP, it either means somebody was trying to exploit the tapatalk API or the login request is proxied through their server. The problem still exists: if you are blocking private IPs from logging in, it will affect a large number of users, as the IPs by design are shared by a lot of people.

    Another possibility is that this private IP is actually used by one of your own servers, and when you block it you are blocking all requests... In that case you should be whitelisting your own IP's.
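
The check that posts #1 and #3 ask for, as an added example that is not part of the thread or of the forum's software: honour X-Forwarded-For only when the connection comes from the site's own proxy, and never key a lockout on a private or internal address. The trusted range, the threshold of 5 and all function names are assumptions made for illustration; the sample addresses are constructed.

```python
import ipaddress
from collections import Counter

# Assumption: the site's own reverse proxies (the thread only shows 10.200.5.252).
TRUSTED_PROXIES = [ipaddress.ip_network("10.200.5.0/24")]
# Ranges shared by countless home and office networks: never a useful lockout key.
SHARED_RANGES = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
MAX_FAILURES = 5          # assumed threshold
failures = Counter()      # lockout key -> failed attempts

def _in(ip, nets):
    return any(ip in net for net in nets)

def client_ip(peer_addr, xff_header):
    """Address a login attempt is attributed to."""
    peer = ipaddress.ip_address(peer_addr)
    if not _in(peer, TRUSTED_PROXIES):
        return peer       # direct connection: the header is client-supplied, ignore it
    hops = [h.strip() for h in (xff_header or "").split(",") if h.strip()]
    for hop in reversed(hops):   # rightmost entries were appended by our own proxies
        try:
            ip = ipaddress.ip_address(hop)
        except ValueError:
            break         # malformed entry: trust nothing further left
        if not _in(ip, TRUSTED_PROXIES):
            return ip     # first hop that is not ours is the real peer
        peer = ip
    return peer

def lockout_key(peer_addr, xff_header):
    """String to count failures under, or None if the address must not be blocked."""
    ip = client_ip(peer_addr, xff_header)
    if _in(ip, TRUSTED_PROXIES) or _in(ip, SHARED_RANGES):
        return None       # own infrastructure or a shared private address
    return str(ip)

def record_failure(peer_addr, xff_header):
    """Count one failed login; True once that source reaches the threshold."""
    key = lockout_key(peer_addr, xff_header)
    if key is None:
        return False
    failures[key] += 1
    return failures[key] >= MAX_FAILURES
```

With this in place, a forged header from a direct connection only ever counts against the connecting address, and a request that resolves to the proxy itself or to a router-assigned private address is not used as a block key at all.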

  4. #4
    Ride More, Whine Less
    Reputation: heyyall's Avatar
    Join Date
    Nov 2011
    Posts
    7,538
    I'm getting the same errors from IP 10.200.5.252.

  5. #5
    mtbr member
    Reputation: albertdc's Avatar
    Join Date
    Mar 2007
    Posts
    427
    Yep, it just happened again when I tried to open the MTBR forums via Tap-a-talk. It said that I had 15 failed attempts and locked me out.
    Went to a desktop computer, and logged in no problem.
    BTW - went to another, unrelated, forum via Tap-a-talk and it worked fine, so the issue seems linked between tap-a-talk and MTBR.

    @Heyyall - were you also using the tap-a-talk app via a smartphone when you got the error?

  6. #6
    Ride More, Whine Less
    Reputation: heyyall's Avatar
    Join Date
    Nov 2011
    Posts
    7,538
    @albertdc, yes, tapatalk via an iphone. Web seems to work just fine. I've increased the complexity of my password until we figure this out.

  7. #7
    mtbr member
    Reputation: albertdc's Avatar
    Join Date
    Mar 2007
    Posts
    427
    I have even deleted the forum from tap-a-talk because I do not want it to keep trying to access the account. Hopefully someone will post here when the problem is solved.

  8. #8
    mtbr member
    Reputation: flxpain's Avatar
    Join Date
    Jul 2012
    Posts
    35
    I'm also getting this from Tapatalk on my iphone. Hopefully a fix is found....

  9. #9
    mtbr member
    Reputation: ocean_29's Avatar
    Join Date
    Mar 2012
    Posts
    80
    Same problem here with the same ip.
    I was using tapatalk, waited for 15 minutes, deleted mtbr from tapatalk and then used the same password again, and now it's ok. Can't figure out till now what exactly happened. Do I need to change passwords?

  10. #10
    mtbr member
    Reputation:
    Join Date
    Mar 2009
    Posts
    127
    Same problem here with iPhone and Tapatalk.

  11. #11
    mtbr member
    Reputation: minh's Avatar
    Join Date
    May 2004
    Posts
    377
    same here with iPhone and tapatalk. other forums ok even roadbikereview. desktop ok and even safari through iPhone ok (which is what I'm using now). same: 10.200.5.252

  12. #12
    mtbr member
    Reputation: albertdc's Avatar
    Join Date
    Mar 2007
    Posts
    427
    Quote Originally Posted by ocean_29 View Post
    Same problem here with the same ip.
    I was using tapatalk, waited for 15 minutes, deleted mtbr from tapatalk and then used the same password again, and now it's ok. Can't figure out till now what exactly happened. Do I need to change passwords?
    I had changed password this morning before I saw this thread and it seemed to work OK. About an hour later, it gave the same failed login notification. I will be curious to see whether your fix holds, but I will venture a guess that it will not. There is something fishy going on....

  13. #13
    Loves to suffer
    Reputation: freighttrainuphill's Avatar
    Join Date
    Feb 2012
    Posts
    1,149
    Problem seems to be fixed here. I had the same login error for a while, from IP 24.7.177.74. I didn't get a chance to try logging in from my phone.

  14. #14
    mtbr member
    Reputation: ocean_29's Avatar
    Join Date
    Mar 2012
    Posts
    80
    Quote Originally Posted by albertdc View Post
    I had changed password this morning before I saw this thread and it seemed to work OK. About an hour later, it gave the same failed login notification. I will be curious to see whether your fix holds, but I will venture a guess that it will not. There is something fishy going on....
    I don't use the password except on this forum, but I don't know if this has a point.

    Until now things seem normal with tapatalk with what I said earlier. If something goes wrong I'll inform.

    Quote Originally Posted by freighttrainuphill View Post
    Problem seems to be fixed here. I had the same login error for a while, from IP 24.7.177.74. I didn't get a chance to try logging in from my phone.
    Hmm that ip is different ...

  15. #15
    Ride More, Whine Less
    Reputation: heyyall's Avatar
    Join Date
    Nov 2011
    Posts
    7,538
    I've received 2 emails: one at 7:17 am (cent) and another at 9:59 am. I suspect this is a sophisticated mass hacking attempt where the hackers are cycling through a list of user names (tapatalk users or potentially just a list taken from posts) and trying to crack the passwords. When the account gets locked out, it moves on to the next username.

  16. #16
    sock puppet
    Reputation: osokolo's Avatar
    Join Date
    Jan 2004
    Posts
    8,465

    i got the same message this morning - same IP address

    as well...

    but after 10 min of unsuccessfully trying to log in - i was able to log in eventually...

    Quote Originally Posted by albertdc View Post
    I have even deleted the forum from tap-a-talk because I do not want it to keep trying to access the account. Hopefully someone will post here when the problem is solved.

  17. #17
    rho
    Captain Pinchflat
    Reputation: rho's Avatar
    Join Date
    Dec 2007
    Posts
    1,575
    Same issue with tapatalk.

    Sent by smoke signal.

  18. #18
    Ride More, Whine Less
    Reputation: heyyall's Avatar
    Join Date
    Nov 2011
    Posts
    7,538
    When the tapatalk locks me out, I can't log into the website either. If the account is "remembered", I seem to be able to get in.

  19. #19
    mtbr member
    Reputation: ocean_29's Avatar
    Join Date
    Mar 2012
    Posts
    80
    Quote Originally Posted by albertdc View Post
    I had changed password this morning before I saw this thread and it seemed to work OK. About an hour later, it gave the same failed login notification. I will be curious to see whether your fix holds, but I will venture a guess that it will not. There is something fishy going on....
    yes you are right.

    2nd time (tapatalk) and after a while, ip 10.200.5.252 same as first time tried to log in

    what's going on?

  20. #20
    mtbr member
    Reputation: minh's Avatar
    Join Date
    May 2004
    Posts
    377
    just failed login through safari (it worked before) but able to login through desktop.

  21. #21
    workin' it Administrator
    Reputation: rockcrusher's Avatar
    Join Date
    Aug 2003
    Posts
    8,028
    Not just tapatalk, I am getting it on chrome/win platform and Firefox.

    Admin has been notified.
    Try this: HTFU

  22. #22
    mtbr member
    Reputation:
    Join Date
    Aug 2012
    Posts
    13
    Got that since morning, just been able to log..

  23. #23
    workin' it Administrator
    Reputation: rockcrusher's Avatar
    Join Date
    Aug 2003
    Posts
    8,028
    Might have been a spammer I just killed.
    Try this: HTFU

  24. #24
    Loves to suffer
    Reputation: freighttrainuphill's Avatar
    Join Date
    Feb 2012
    Posts
    1,149
    Cannot login from desktop computer at another location. Same ISP as earlier when I couldn't log in (Comcast). IP is 98.255.32.248.

    I am on my Android phone now, using the Android browser. No problems so far.

  25. #25
    keeptrollintrollintrollin
    Reputation: codyh12345's Avatar
    Join Date
    Sep 2011
    Posts
    344
    Tapatalk on my Android has been down since this morning. Giving me the same "you've logged in too many times, wait 15 minutes" crapola. I am fine logging on with my PC... just my cell that won't work.
