block_administrator

Block Administrator 🛡️

A security enhancement app for Frappe Framework that blocks login attempts to the administrator account when email-password login method is enabled.

📋 Table of Contents

Features
Installation
Usage
How It Works
Credits
Contributors
License

Features

✅ Prevents unauthorized access to administrator account
✅ Compatible with Frappe Framework
✅ Simple setup with zero configuration
✅ Enhanced security for email-password authentication

Installation

bench get-app https://github.com/username/block_administrator
bench --site your-site.com install-app block_administrator

Usage

Once installed, the app automatically blocks login attempts to the administrator account when email-password login method is enabled. This adds an extra layer of security to your Frappe installation.

Why block the administrator account?

The administrator account has full system access. When email-password authentication is enabled, it becomes a high-value target for brute force attacks. This app helps mitigate that risk by preventing direct login to the administrator account.

How It Works

The app hooks into Frappe’s authentication system and implements the following security logic:

Login Attempt	Result	Reason
Administrator account	🚫 Blocked	Security risk
Other accounts	✅ Allowed	Normal operation

graph TD
    A[Login Request] --> B{Is administrator?}
    B -->|Yes| C[Block Access]
    B -->|No| D[Process Normally]

Credits

This app is built on top of the Frappe Framework, an open-source, metadata-driven framework created by Frappe Technologies. Special thanks to:

The Frappe Team for developing and maintaining the framework
The Frappe Community for their continued support

This site is open source. Improve this page.