Published on September 23, 2022

Monitor failed logins in your PHP application

Monitor failed logins in your PHP application

Most PHP applications require some form of authentication for users to access the application. This is a common practice to ensure that only authorized users can access the application and prevent security issues such as API abuse. These authentication methods can be implemented in various ways, but the most common are basic authentication, Social logins (Google, Facebook, etc.), and more.

With either method, we commonly have to deal with failed logins, be it due to incorrect credentials or other reasons, such as someone trying to brute-force the login. In such cases, monitoring failed logins and taking action depending on the situation is crucial. For example, suppose we notice a user repeatedly falling to login. In that case, we can take action to reach out to them and offer help, or in cases of brute-force attacks, we can take immediate action to block the user's IP address, notify the targeted user, and more.

Here at LogSnag, we have worked on a powerful solution for monitoring and tracking problems. We have created LogSnag, a powerful, real-time event tracking tool that works seamlessly with PHP. We have made it trivial to set up real-time event tracking for anything important within our applications. In addition, we provide powerful features that let us take event tracking to the next level and do things like creating user journeys, analytics, insights, and more.

For example, in the case of failed logins, we can set up LogSnag to track failed attempts and notify our team when we observe unusual behavior. This way, we can always be aware of the security of our application and take immediate action if needed.


Setting up LogSnag

  1. Sign up for a free LogSnag account.
  2. Create your first project from the dashboard.
  3. Head to settings and copy your API token.

PHP code snippets

To track failed logins, you can use the following code snippet Please ensure to replace YOUR_API_TOKEN with your API token and update the project and channel names.

Using PHP with cURL
<?php

$curl = curl_init();

curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.logsnag.com/v1/log',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS =>'{"project":"my-saas","channel":"status","event":"Failed Login Attempt","description":"Detected 3 failed login attempts in the last 5 minutes","icon":"⚠️","notify":true}',
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer YOUR_API_TOKEN'
),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;
Using PHP with Guzzle
<?php
$client = new Client();
$headers = [
'Content-Type' => 'application/json',
'Authorization' => 'Bearer YOUR_API_TOKEN'
];
$body = '{
"project": "my-saas",
"channel": "status",
"event": "Failed Login Attempt",
"description": "Detected 3 failed login attempts in the last 5 minutes",
"icon": "⚠️",
"notify": true
}';
$request = new Request('POST', 'https://api.logsnag.com/v1/log', $headers, $body);
$res = $client->sendAsync($request)->wait();
echo $res->getBody();
Using PHP with HTTP_Request2
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('https://api.logsnag.com/v1/log');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer YOUR_API_TOKEN'
));
$request->setBody('{"project":"my-saas","channel":"status","event":"Failed Login Attempt","description":"Detected 3 failed login attempts in the last 5 minutes","icon":"⚠️","notify":true}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}
Using PHP with pecl_http
<?php
$client = new http\Client;
$request = new http\Client\Request;
$request->setRequestUrl('https://api.logsnag.com/v1/log');
$request->setRequestMethod('POST');
$body = new http\Message\Body;
$body->append('{"project":"my-saas","channel":"status","event":"Failed Login Attempt","description":"Detected 3 failed login attempts in the last 5 minutes","icon":"⚠️","notify":true}');
$request->setBody($body);
$request->setOptions(array());
$request->setHeaders(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer YOUR_API_TOKEN'
));
$client->enqueue($request)->send();
$response = $client->getResponse();
echo $response->getBody();

PHP integration details

We believe that event tracking should be simple and accessible to every developer and team. Therefore, we have worked hard to create the next generation of event-tracking tools. As a result, LogSnag is flexible and easy to use, making it a great companion for your PHP applications.

We would love to see you use LogSnag to track every aspect of your PHP application. So please give us a try and let us know what you think!

Other use-cases for LogSnag

  1. Monitor your CI/CD build status for your PHP application
  2. Monitor your CPU usage in your PHP application
  3. Monitor when database goes down in your PHP application
  4. Monitor high disk usage in your PHP application
  5. Monitor when a user changes their email address in your PHP application
  6. Monitor failed payments for your PHP application
  7. Monitor memory usage in your PHP application
  8. Monitor MySQL downtime in your PHP application
  9. Monitor when a new feature is used in your PHP application
  10. Monitor your Postgres downtime in your PHP application
  11. Monitor Redis downtime in your PHP application
  12. Monitor suspicious activity in your PHP application
  13. Monitor when a user exceeds the usage limit for your PHP service
  14. Monitor when a user is being rate limited in your PHP application
  15. Get a notification when your PHP code is done executing
  16. Send push notifications to your phone or desktop using PHP
  17. Track canceled subscriptions in your PHP application
  18. Track your PHP cron jobs
  19. Track when a file is uploaded to your PHP application
  20. Track when a form is submitted to your PHP application
  21. Track payment events via PHP
  22. Track user sign in events in PHP
  23. Track user signup events via PHP
  24. Track waitlist signup events via PHP
View all common use-cases with PHP