aertmann/brute-force

Simple brute-force prevention (account locking) for Flow

Installs: 1 158

Dependents: 0

Suggesters: 0

Security: 0

Stars: 5

Watchers: 3

Forks: 2

Open Issues: 0

Type:neos-package

3.0.0 2023-04-26 15:26 UTC

This package is auto-updated.

Last update: 2024-10-26 18:54:47 UTC


README

Scrutinizer Code Quality Latest Stable Version Total Downloads License

Introduction

This package provides simple brute-force prevention (account locking) for Neos/Flow.

A notification email can be send to an administrator when an account has been locked.

Compatible with Neos 3.x or later / Flow 4.x or later (tested until 7.3)

Be aware that there are ways to circumvent this protection and it can be misused, see Blocking Brute Force Attacks for more information.

Note that the threshold is disabled in development context by default. To override it, create a Settings.yaml configuration file inside a Development folder inside a Configuration folder.

Installation

composer require "aertmann/brute-force:~2.0"

Configuration

Failed attempts threshold and notification mail can be configured in Settings.yaml.