Invalid CSRF Token __CSRFToken__

Invalid CSRF Token CSRFToken

guilhermeluizlessa

I would like suggestions for ways to solve or minimize the potential attacks that my osticket installation has been suffering.

I completed the installation yesterday, and after a few hours in the air, potential infiltration attempts began.

I can't say if they really are real attacks, as I'm not sure, I ask for help.

How would it be possible to implement a captcha in the login areas?

V 1.15 and other information in the prints.

ntozier

Or how about the 2FA :: Authenticator plugin?
https://osticket.com/download/#plugins

guilhermeluizlessa

ntozier At the moment, it is not a viable option to oblige all system clients to login in two stages, the vast majority are inexperienced users which would increase our service demand to explain how to use two-factor authentication. Is there any other solution to inhibit reported errors? Would installing CSR do it? Is there any other option?

guilhermeluizlessa

Hi, I have 0 experience in OsTicket admin. Thanks for the tip. Let's activate this plugin and see if it resolves.

ntozier

Are your users centrally located?
Is your webserver in house?
If so then you could likely configure the webserver to only allow connections from the subnets that the users are on.

ie if all users come from a single real world IP (because of NAT) then you could allow that IP and block everything else.