Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement brute force protection #479

Merged
merged 3 commits into from
Jul 20, 2016
Merged

Implement brute force protection #479

merged 3 commits into from
Jul 20, 2016

Commits on Jul 20, 2016

  1. Implement brute force protection 

    Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
    @LukasReschke
    LukasReschke committed Jul 20, 2016
    Configuration menu
    Copy the full SHA
    ba4f12b View commit details
    Browse the repository at this point in the history

  2. JSON encode the values

    @LukasReschke
    LukasReschke committed Jul 20, 2016
    Configuration menu
    Copy the full SHA
    adf67fa View commit details
    Browse the repository at this point in the history

  3. Mitigate race condition

    @LukasReschke
    LukasReschke committed Jul 20, 2016
    Configuration menu
    Copy the full SHA
    c1589f1 View commit details
    Browse the repository at this point in the history