11002003
Meaning | |
---|---|
Someone attempted to log in to a website where you have configured FortiWeb to provide end-user authentication, but failed. |
Solution | |
---|---|
If you suspect that an unauthorized person is attempting to log in to your website, there are some preventative measures that you can take. Require regular password changes. Require strong passwords. Passwords must be significantly complex in length and character types in order to make brute force login attempts impractically slow. Redirect requests for HTTP to a secure (HTTPS) URL. Insecure protocols such as HTTP are easily susceptible to eavesdropping, man-in-the-middle, and other attacks that could compromise your connection, your password, or both. |
Field name | Description |
ID ( |
See Log ID numbers. |
Sub Type ( |
See Subtypes. |
Level ( |
See Priority level. |
User ( |
daemon
|
User Interface ( |
daemon
|
Action ( |
login
|
Status ( |
failed
|
Message ( |
User <user_name> <auth-method_str> login failed from <source_ipv4> request_url: <url> |
Examples | |
---|---|
date=2014-09-10 time=17:43:31 log_id=11002003 msg_id=000000852763 device_id=FV-3KD3R13800027 vd="Adomain_new" timezone="(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi" type=event subtype="system" pri=alert trigger_policy="" user=daemon ui=daemon action=login status=failed msg="User test1 HTTP BASIC login failed from 10.0.6.25 request_url:fortinet.fortiweb.com/autotest/ldapuser.html" |