DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:tokenbucketauth

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
plugin:tokenbucketauth [2013-04-21 08:53] – [tokenbucketauth Plugin] 109.218.207.91plugin:tokenbucketauth [2024-03-11 16:23] (current) – comptatible with jack jackrum (deprecation warnings in logs) asheenlevrai
Line 3: Line 3:
 ---- plugin ---- ---- plugin ----
 description: Prevent brute force attacks by delaying them using a token bucket description: Prevent brute force attacks by delaying them using a token bucket
-author     :  Aorimn +author     : Aorimn 
-email      :  Aorimn@giboulees.net+email      : Aorimn@giboulees.net
 type       : action type       : action
-lastupdate : 2012-07-02 +lastupdate : 2014-09-25 
-compatible : angua, Rincewind, Weatherwax+compatible : Binky, Angua, Rincewind, Weatherwax, Greebo, Hogfather, Jack Jackrum
 depends    :  depends    : 
 conflicts  conflicts 
Line 20: Line 20:
  
 This plugin delays bruteforce attacks by banning an IP address when this IP tries to log in and fails too much time within a defined period. This plugin delays bruteforce attacks by banning an IP address when this IP tries to log in and fails too much time within a defined period.
- 
  
 ===== Installation ===== ===== Installation =====
  
-Install the plugin using the [[plugin:plugin|Plugin Manager]] and the [[https://github.com/Aorimn/dokuwiki-tokenbucketauth/zipball/master|download URL]] above, which points to latest version of the plugin. Refer to [[:Plugins]] on how to install plugins manually. +Search and install the plugin using the [[plugin:extension|Extension Manager]]. Refer to [[:Plugins]] on how to install plugins manually. If you choose to install it manually, beware of the directory name. All files should be within ''lib/plugins/tokenbucketauth/''.
- +
-If you choose to install it manually, beware of the directory name. All files should be within lib/plugins/tokenbucketauth/+
- +
-See ''Configuration and Settings'' below to understand how the plugin works.+
  
 +See Configuration and Settings below to understand how the plugin works.
  
 ===== Configuration and Settings ===== ===== Configuration and Settings =====
  
 Here is a list of main settings which explain how the plugin works: Here is a list of main settings which explain how the plugin works:
-  * **tba_block_time:** how long to block a user, in seconds (default=600, or 10 minutes) ((Protip: if you want the attacker to be banned eternally, just put a very high value here, but beware of the legitimate users which can't differentiate the 'a' letter from the 'q' one)) ; +  * **tba_block_time:** how long to block a user, in seconds (default=600, or 10 minutes) ((Protip: if you want the attacker to be banned eternally, just put a very high value here, but beware of the legitimate users which can't differentiate the 'a' letter from the 'q' one)); 
-  * **tba_nb_attempt:** if s/he failed this many attempts (default=5) ; +  * **tba_nb_attempt:** if s/he failed this many attempts (default=5); 
-  * **tba_mean_time:** within this many seconds (default=120, or 2 minutes) ;+  * **tba_mean_time:** within this many seconds (default=120, or 2 minutes);
   * **tba_whitelist:** and is not on the whitelist (default=127.0.0.1).   * **tba_whitelist:** and is not on the whitelist (default=127.0.0.1).
  
 Here are additional options: Here are additional options:
-  * **tba_send_mail:** send email to admins when a user has been banned, leave blank if to noone or don't care ; +  * **tba_send_mail:** send email to admins when a user has been banned, leave blank if to noone or don't care; 
-  * **tba_iptime_file:** log users attempts into this file ; +  * **tba_iptime_file:** log users attempts into this file; 
-  * **tba_block_file:** log blocked users into this one ;+  * **tba_block_file:** log blocked users into this one;
   * **tba_lockfile:** lock file to know when we can put content into the two others.   * **tba_lockfile:** lock file to know when we can put content into the two others.
  
 You should be able to change these default values using the [[config:manager|config manager]], but you can change them also manually editing the conf/default.php file. You should be able to change these default values using the [[config:manager|config manager]], but you can change them also manually editing the conf/default.php file.
- 
  
 === Change Log === === Change Log ===
Line 63: Line 58:
  
 //Feel free to add what you think here!// //Feel free to add what you think here!//
- 
- 
  
plugin/tokenbucketauth.1366527233.txt.gz · Last modified: 2013-04-21 08:53 by 109.218.207.91

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki