Brute force protection

Clayton Burlison edited this page Jun 13, 2017 · 3 revisions

Update

As of Sal 3.1.1, brute force protection has been removed. Please use SAML instead.

Enabling brute force protection

You can add the following to your sal/settings.py to enable brute force protection. Set BRUTE_LIMIT to the number of login attempts allowed before the account is locked, and BRUTE_COOLOFF to the time after which any locked accounts will be unlocked. BRUTE_PROTECT must be set to True to enable the unlocking UI in the user management page.

BRUTE_PROTECT = True
BRUTE_COOLOFF = 3
BRUTE_LIMIT = 3
###############
INSTALLED_APPS += ('axes',)
MIDDLEWARE_CLASSES += ('axes.middleware.FailedLoginMiddleware',)
# Max number of login attempts within the ``AXES_COOLOFF_TIME``
AXES_LOGIN_FAILURE_LIMIT = BRUTE_LIMIT
# Cool-off period before a lockout expires (django-axes treats an integer as hours)
AXES_COOLOFF_TIME = BRUTE_COOLOFF
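
To see how BRUTE_LIMIT and BRUTE_COOLOFF interact, the following added example (not Sal or django-axes code) replays a constructed login timeline through a simplified lockout model. The LockoutModel class, the replay helper and the sample events are hypothetical; the model assumes the cool-off is counted in hours from the last counted failure and that attempts made while locked are rejected without being counted.

```python
from datetime import datetime, timedelta

BRUTE_LIMIT = 3    # same value as in the settings above
BRUTE_COOLOFF = 3  # assumed to be hours


class LockoutModel:
    """Simplified per-account lockout policy (hypothetical, not django-axes code)."""

    def __init__(self, limit=BRUTE_LIMIT, cooloff_hours=BRUTE_COOLOFF):
        self.limit = limit
        self.cooloff = timedelta(hours=cooloff_hours)
        self.failures = {}  # username -> (failure count, time of last counted failure)

    def is_locked(self, user, now):
        count, last = self.failures.get(user, (0, None))
        if last is not None and now - last >= self.cooloff:
            # Cool-off has elapsed: forget the old failures and unlock.
            self.failures.pop(user, None)
            return False
        return count >= self.limit

    def attempt(self, user, password_ok, now):
        if self.is_locked(user, now):
            return "locked"  # rejected even if the password is correct
        if password_ok:
            self.failures.pop(user, None)  # assumption: success clears the counter
            return "ok"
        count, _ = self.failures.get(user, (0, None))
        self.failures[user] = (count + 1, now)
        return "locked" if count + 1 >= self.limit else "failed"


def replay(events, model=None):
    """Run (time, user, password_ok) tuples through the model, in order."""
    model = model or LockoutModel()
    return [model.attempt(user, ok, when) for when, user, ok in events]


# Constructed sample timeline for one account.
T0 = datetime(2017, 6, 13, 9, 0)
SAMPLE_EVENTS = [
    (T0, "alice", False),
    (T0 + timedelta(minutes=1), "alice", False),
    (T0 + timedelta(minutes=2), "alice", False),          # third failure locks
    (T0 + timedelta(minutes=3), "alice", True),           # correct, still locked
    (T0 + timedelta(hours=3, minutes=2), "alice", True),  # cool-off is over
]
```

Calling replay(SAMPLE_EVENTS) shows that a correct password is still refused during the lockout window, which is why the unlocking UI enabled by BRUTE_PROTECT matters for legitimate users.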