author | Maxime “pep” Buquet <pep@bouah.net> |
Sat, 21 Mar 2020 15:03:47 +0100 | |
changeset 3955 | 32d9d155a9b9 |
parent 2125 | 4916c1b6517f |
permissions | -rw-r--r-- |
1862 | 1 |
--- |
2 |
summary: Throttle authentication attempts with optional tarpit |
|
3 |
... |
|
4 |
||
5 |
Introduction |
|
6 |
============ |
|
7 |
||
8 |
This module lets you put a per-IP limit on the number of failed |
|
9 |
authentication attempts. |
|
10 |
||
11 |
It features an optioanal |
|
12 |
[tarpit](https://en.wikipedia.org/wiki/Tarpit_%28networking%29), i.e. |
|
13 |
waiting some time before returning an "authentication failed" response. |
|
14 |
||
15 |
Configuration |
|
16 |
============= |
|
17 |
||
18 |
``` {.lua} |
|
19 |
modules_enabled = { |
|
20 |
-- your other modules |
|
21 |
"limit_auth"; |
|
22 |
} |
|
23 |
||
24 |
limit_auth_period = 30 -- over 30 seconds |
|
25 |
||
26 |
limit_auth_max = 5 -- tolerate no more than 5 failed attempts |
|
27 |
||
2125
4916c1b6517f
Update READMEs to indicate that async requires trunk (dropped from prosody 0.10)
Kim Alvefur <zash@zash.se>
parents:
1862
diff
changeset
|
28 |
-- Will only work with Prosody trunk: |
1862 | 29 |
limit_auth_tarpit_delay = 10 -- delay answer this long |
30 |
``` |
|
31 |
||
32 |
Compatibility |
|
33 |
============= |
|
34 |
||
2125
4916c1b6517f
Update READMEs to indicate that async requires trunk (dropped from prosody 0.10)
Kim Alvefur <zash@zash.se>
parents:
1862
diff
changeset
|
35 |
Requires 0.9 or later. The tarpit feature requires Prosody trunk. |