= 10 ) { $one_minute_ago = time() - 60; foreach ( $_SESSION['HackingLog'] as $i => $time ) { if ( $time >= $one_minute_ago ) { $attempts_within_one_minute++; continue; } unset( $_SESSION['HackingLog'][ $i ] ); } if ( $attempts_within_one_minute >= 10 ) { // Logout after 10 Hacking attempts within 1 minute. $redirect_url = 'index.php?modfunc=logout&token=' . $_SESSION['token']; } } /** * Log "RosarioSIS HACKING ATTEMPT" into Apache error.log * So you can ban IP using a custom fail2ban jail */ error_log( 'RosarioSIS HACKING ATTEMPT' ); if ( $attempts_within_one_minute < 10 && ! empty( $_SERVER['HTTP_REFERER'] ) && mb_strpos( $_SERVER['HTTP_REFERER'], '&redirect_to=' ) !== false ) { // If User has just logged in, take him back to Portal without sending email! ?> = 10 ) { // Destroy session now: some clients do not follow redirection. session_unset(); session_destroy(); } // Redirect automatically to Portal or Logout. ?>