mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
cef35fadcd
This is so levels like warn and error can be used to exclude info or warn messages. Additionally there is a reasonable refactoring of logging moving the log config options to the logging key because there are a significant number of log options now. This also decouples the expvars and pprof handlers from the log level, and they are now configured by server.enable_expvars and server.enable_pprof at any logging level.
1.5 KiB
1.5 KiB
layout | title | parent | nav_order |
---|---|---|---|
default | Regulation | Configuration | 7 |
Regulation
Authelia can temporarily ban accounts when there are too many authentication attempts. This helps prevent brute-force attacks.
Configuration
regulation:
max_retries: 3
find_time: 2m
ban_time: 5m
Options
max_retries
type: integer
{: .label .label-config .label-purple }
default: 3
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
The number of failed login attempts before a user may be banned. Setting this option to 0 disables regulation entirely.
find_time
type: string (duration)
{: .label .label-config .label-purple }
default: 2m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
The period of time in duration notation format analyzed for failed attempts. For
example if you set max_retries
to 3 and find_time
to 2m
this means the user must have 3 failed logins in
2 minutes.
ban_time
type: string (duration)
{: .label .label-config .label-purple }
default: 5m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
The period of time in duration notation format the user is banned for after meeting
the max_retries
and find_time
configuration. After this duration the account will be able to login again.