1
0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
authelia/docs/configuration/regulation.md
yossbg 05406cfc7b
feat(ntp): check clock sync on startup ()
This adds method to validate the system clock is synchronized on startup. Configuration allows adjusting the server address, enabled state, desync limit, and if the error is fatal.

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-09-17 14:44:35 +10:00

62 lines
1.5 KiB
Markdown

---
layout: default
title: Regulation
parent: Configuration
nav_order: 10
---
# Regulation
**Authelia** can temporarily ban accounts when there are too many
authentication attempts. This helps prevent brute-force attacks.
## Configuration
```yaml
regulation:
max_retries: 3
find_time: 2m
ban_time: 5m
```
## Options
### max_retries
<div markdown="1">
type: integer
{: .label .label-config .label-purple }
default: 3
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
</div>
The number of failed login attempts before a user may be banned. Setting this option to 0 disables regulation entirely.
### find_time
<div markdown="1">
type: string (duration)
{: .label .label-config .label-purple }
default: 2m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
</div>
The period of time in [duration notation format](index.md#duration-notation-format) analyzed for failed attempts. For
example if you set `max_retries` to 3 and `find_time` to `2m` this means the user must have 3 failed logins in
2 minutes.
### ban_time
<div markdown="1">
type: string (duration)
{: .label .label-config .label-purple }
default: 5m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
</div>
The period of time in [duration notation format](index.md#duration-notation-format) the user is banned for after meeting
the `max_retries` and `find_time` configuration. After this duration the account will be able to login again.