aertmann / brute-force
Simple brute-force prevention (account locking) for Flow
Installs: 1 181
Dependents: 0
Suggesters: 0
Security: 0
Stars: 5
Watchers: 3
Forks: 2
Open Issues: 0
Type:neos-package
Requires
- neos/flow: >=6.0
- neos/swiftmailer: >6.0
README
Introduction
This package provides simple brute-force prevention (account locking) for Neos/Flow.
A notification email can be send to an administrator when an account has been locked.
Compatible with Neos 3.x or later / Flow 4.x or later (tested until 7.3)
Be aware that there are ways to circumvent this protection and it can be misused, see Blocking Brute Force Attacks for more information.
Note that the threshold is disabled in development context by default. To override it, create a Settings.yaml
configuration file inside a Development
folder inside a Configuration
folder.
Installation
composer require "aertmann/brute-force:~2.0"
Configuration
Failed attempts threshold and notification mail can be configured in Settings.yaml
.