Monitor failed logins in your PHP application

Most PHP applications require some form of authentication for users to access the application. This is a common practice to ensure that only authorized users can access the application and prevent security issues such as API abuse. These authentication methods can be implemented in various ways, but the most common are basic authentication, Social logins (Google, Facebook, etc.), and more.

With either method, we commonly have to deal with failed logins, be it due to incorrect credentials or other reasons, such as someone trying to brute-force the login. In such cases, monitoring failed logins and taking action depending on the situation is crucial. For example, suppose we notice a user repeatedly falling to login. In that case, we can take action to reach out to them and offer help, or in cases of brute-force attacks, we can take immediate action to block the user's IP address, notify the targeted user, and more.

Here at LogSnag, we have worked on a powerful solution for monitoring and tracking problems. We have created LogSnag, a powerful, real-time event tracking tool that works seamlessly with PHP. We have made it trivial to set up real-time event tracking for anything important within our applications. In addition, we provide powerful features that let us take event tracking to the next level and do things like creating user journeys, analytics, insights, and more.

For example, in the case of failed logins, we can set up LogSnag to track failed attempts and notify our team when we observe unusual behavior. This way, we can always be aware of the security of our application and take immediate action if needed.

Connect LogSnag to PHP

Setting up LogSnag

Sign up for a free LogSnag account.
Create your first project from the dashboard.
Head to settings and copy your API token.

PHP code snippets

To track failed logins, you can use the following code snippet Please ensure to replace YOUR_API_TOKEN with your API token and update the project and channel names.

Using PHP with cURL

<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://api.logsnag.com/v1/log',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'POST',
  CURLOPT_POSTFIELDS =>'{"project":"my-saas","channel":"status","event":"Failed Login Attempt","description":"Detected 3 failed login attempts in the last 5 minutes","icon":"⚠️","notify":true}',
  CURLOPT_HTTPHEADER => array(
    'Content-Type: application/json',
    'Authorization: Bearer YOUR_API_TOKEN'
  ),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;

Using PHP with Guzzle

<?php
$client = new Client();
$headers = [
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer YOUR_API_TOKEN'
];
$body = '{
  "project": "my-saas",
  "channel": "status",
  "event": "Failed Login Attempt",
  "description": "Detected 3 failed login attempts in the last 5 minutes",
  "icon": "⚠️",
  "notify": true
}';
$request = new Request('POST', 'https://api.logsnag.com/v1/log', $headers, $body);
$res = $client->sendAsync($request)->wait();
echo $res->getBody();

Using PHP with HTTP_Request2

<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('https://api.logsnag.com/v1/log');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer YOUR_API_TOKEN'
));
$request->setBody('{"project":"my-saas","channel":"status","event":"Failed Login Attempt","description":"Detected 3 failed login attempts in the last 5 minutes","icon":"⚠️","notify":true}');
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}

Using PHP with pecl_http

<?php
$client = new http\Client;
$request = new http\Client\Request;
$request->setRequestUrl('https://api.logsnag.com/v1/log');
$request->setRequestMethod('POST');
$body = new http\Message\Body;
$body->append('{"project":"my-saas","channel":"status","event":"Failed Login Attempt","description":"Detected 3 failed login attempts in the last 5 minutes","icon":"⚠️","notify":true}');
$request->setBody($body);
$request->setOptions(array());
$request->setHeaders(array(
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer YOUR_API_TOKEN'
));
$client->enqueue($request)->send();
$response = $client->getResponse();
echo $response->getBody();

PHP integration details

We believe that event tracking should be simple and accessible to every developer and team. Therefore, we have worked hard to create the next generation of event-tracking tools. As a result, LogSnag is flexible and easy to use, making it a great companion for your PHP applications.

We would love to see you use LogSnag to track every aspect of your PHP application. So please give us a try and let us know what you think!

Other use-cases for LogSnag

View all common use-cases with PHP

Setting up LogSnag

PHP code snippets

PHP integration details

Other use-cases for LogSnag

Posted by

Content