mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
158783a9d4
This change adjusts several global options moving them into the server block. It additionally notes other breaking changes in the configuration. BREAKING CHANGE: Several configuration options have been changed and moved into other sections. Migration instructions are documented here: https://authelia.com/docs/configuration/migration.html#4.30.0
1.5 KiB
1.5 KiB
layout | title | parent | nav_order |
---|---|---|---|
default | Regulation | Configuration | 9 |
Regulation
Authelia can temporarily ban accounts when there are too many authentication attempts. This helps prevent brute-force attacks.
Configuration
regulation:
max_retries: 3
find_time: 2m
ban_time: 5m
Options
max_retries
type: integer
{: .label .label-config .label-purple }
default: 3
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
The number of failed login attempts before a user may be banned. Setting this option to 0 disables regulation entirely.
find_time
type: string (duration)
{: .label .label-config .label-purple }
default: 2m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
The period of time in duration notation format analyzed for failed attempts. For
example if you set max_retries
to 3 and find_time
to 2m
this means the user must have 3 failed logins in
2 minutes.
ban_time
type: string (duration)
{: .label .label-config .label-purple }
default: 5m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
The period of time in duration notation format the user is banned for after meeting
the max_retries
and find_time
configuration. After this duration the account will be able to login again.