You can opt to log users' attempts to login to Craft to prevent brute-force attempts. Use the checkInvalidLogins configuration setting to manage this.

Important: You must also enable storeUserIps (opens new window) in your general.php file.

Custom template#

Using the template configuration setting, you can provide a path to your own custom template, shown to users when they try to login. A very simple example might look like the following:

<form method="post" accept-charset="utf-8">
    <input type="hidden" name="action" value="knock-knock/default/answer">
    <input type="hidden" name="redirect" value="{{ redirect | hash }}">
    {{ csrfInput() }}

    <label for="password">Password</label>
    <input id="password" type="password" name="password" autocomplete="off" placeholder="Password" autofocus />

    <button type="submit" name="unlock" value="Unlock">Unlock</button>

    {% if errors is defined %}
        <ul class="errors">
            {% for error in errors %}
                <li>{{ error }}</li>
            {% endfor %}
    {% endif %}

You can also look at the template Knock Knock itself uses here (opens new window). When using a custom template, be mindful to include all the provided <input> elements, taking note of the name attributes for each. Otherwise, you have complete control over the look and feel of this form.

Previous ← Configuration