DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:tokenbucketauth

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Both sides next revision
plugin:tokenbucketauth [2014-02-19 09:56]
2001:620:600:3800:581b:25ba:50cb:474c binky-compatible
plugin:tokenbucketauth [2020-09-26 11:52] (current)
Aleksandr
Line 3: Line 3:
 ---- plugin ---- ---- plugin ----
 description: Prevent brute force attacks by delaying them using a token bucket description: Prevent brute force attacks by delaying them using a token bucket
-author     :  Aorimn +author     : Aorimn 
-email      :  Aorimn@giboulees.net+email      : Aorimn@giboulees.net
 type       : action type       : action
-lastupdate : 2012-07-02 +lastupdate : 2014-09-25 
-compatible : "Binky"angua, Rincewind, Weatherwax+compatible : Binky, Angua, Rincewind, Weatherwax
 depends    :  depends    : 
 conflicts  conflicts 
Line 20: Line 20:
  
 This plugin delays bruteforce attacks by banning an IP address when this IP tries to log in and fails too much time within a defined period. This plugin delays bruteforce attacks by banning an IP address when this IP tries to log in and fails too much time within a defined period.
- 
  
 ===== Installation ===== ===== Installation =====
  
-Install the plugin using the [[plugin:plugin|Plugin Manager]] and the [[https://github.com/Aorimn/dokuwiki-tokenbucketauth/zipball/master|download URL]] above, which points to latest version of the plugin. Refer to [[:Plugins]] on how to install plugins manually. +Search and install the plugin using the [[plugin:extension|Extension Manager]]. Refer to [[:Plugins]] on how to install plugins manually. If you choose to install it manually, beware of the directory name. All files should be within ''lib/plugins/tokenbucketauth/''.
- +
-If you choose to install it manually, beware of the directory name. All files should be within lib/plugins/tokenbucketauth/+
- +
-See ''Configuration and Settings'' below to understand how the plugin works.+
  
 +See Configuration and Settings below to understand how the plugin works.
  
 ===== Configuration and Settings ===== ===== Configuration and Settings =====
  
 Here is a list of main settings which explain how the plugin works: Here is a list of main settings which explain how the plugin works:
-  * **tba_block_time:** how long to block a user, in seconds (default=600, or 10 minutes) ((Protip: if you want the attacker to be banned eternally, just put a very high value here, but beware of the legitimate users which can't differentiate the 'a' letter from the 'q' one)) ; +  * **tba_block_time:** how long to block a user, in seconds (default=600, or 10 minutes) ((Protip: if you want the attacker to be banned eternally, just put a very high value here, but beware of the legitimate users which can't differentiate the 'a' letter from the 'q' one)); 
-  * **tba_nb_attempt:** if s/he failed this many attempts (default=5) ; +  * **tba_nb_attempt:** if s/he failed this many attempts (default=5); 
-  * **tba_mean_time:** within this many seconds (default=120, or 2 minutes) ;+  * **tba_mean_time:** within this many seconds (default=120, or 2 minutes);
   * **tba_whitelist:** and is not on the whitelist (default=127.0.0.1).   * **tba_whitelist:** and is not on the whitelist (default=127.0.0.1).
  
 Here are additional options: Here are additional options:
-  * **tba_send_mail:** send email to admins when a user has been banned, leave blank if to noone or don't care ; +  * **tba_send_mail:** send email to admins when a user has been banned, leave blank if to noone or don't care; 
-  * **tba_iptime_file:** log users attempts into this file ; +  * **tba_iptime_file:** log users attempts into this file; 
-  * **tba_block_file:** log blocked users into this one ;+  * **tba_block_file:** log blocked users into this one;
   * **tba_lockfile:** lock file to know when we can put content into the two others.   * **tba_lockfile:** lock file to know when we can put content into the two others.
  
 You should be able to change these default values using the [[config:manager|config manager]], but you can change them also manually editing the conf/default.php file. You should be able to change these default values using the [[config:manager|config manager]], but you can change them also manually editing the conf/default.php file.
- 
  
 === Change Log === === Change Log ===
Line 63: Line 58:
  
 //Feel free to add what you think here!// //Feel free to add what you think here!//
- 
- 
  
plugin/tokenbucketauth.1392800218.txt.gz · Last modified: 2014-02-19 09:56 by 2001:620:600:3800:581b:25ba:50cb:474c