Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
documentation:2.1:bruteforceprotection [2019/01/15 15:55]
127.0.0.1 external edit
documentation:2.1:bruteforceprotection [2020/01/15 21:47] (current)
cmaudoux [Brute Force Protection Addon]
Line 1: Line 1:
-====== Brute Force Protection ​Addon ======+====== Brute Force Protection ​plugin ​======
  
-bruteForceProtection ​plugin prevents brute force attack. Plugin DISABLED by default.+This plugin prevents brute force attack. Plugin DISABLED by default.
  
-After some failed login attempts, user must wait (30 seconds by default) before ​try to log in again+After some failed login attempts, user must wait (30 seconds by default) before ​trying ​to log in again.
- +
-The aim of a brute force attack is to gain access to user accounts by repeatedly trying to guess the password of a user. If it is disabled, automated tools may submit thousands of password attempts in a matter of seconds.+
  
 +The aim of a brute force attack is to gain access to user accounts by repeatedly trying to guess the password of an user. If disabled, automated tools may submit thousands of password attempts in a matter of seconds.
 ===== Configuration ===== ===== Configuration =====
  
Line 20: Line 19:
 bruteForceProtectionMaxFailed = 3 bruteForceProtectionMaxFailed = 3
 </​file>​ </​file>​
 +
 +<note important>​
 +Number of failed login attempts stored in history MUST be higher than allowed failed logins for this plugin takes effect.
 +</​note>​