diff options
author | Lukas Reschke <lukas@statuscode.ch> | 2016-07-20 18:36:15 +0200 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2016-07-20 22:08:56 +0200 |
commit | ba4f12baa02dfb55ec8822687896d643261440c4 (patch) | |
tree | 5dc95ab54a2ae169951693a43ba7aa6920d6f36a /apps/dav/appinfo/v1/webdav.php | |
parent | 7cdf6402ff9a0e07866ca8bcfcffd0e0897b646a (diff) | |
download | nextcloud-server-ba4f12baa02dfb55ec8822687896d643261440c4.tar.gz nextcloud-server-ba4f12baa02dfb55ec8822687896d643261440c4.zip |
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
Diffstat (limited to 'apps/dav/appinfo/v1/webdav.php')
-rw-r--r-- | apps/dav/appinfo/v1/webdav.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/apps/dav/appinfo/v1/webdav.php b/apps/dav/appinfo/v1/webdav.php index 3b733c0fbd5..2af49177ce1 100644 --- a/apps/dav/appinfo/v1/webdav.php +++ b/apps/dav/appinfo/v1/webdav.php @@ -43,6 +43,7 @@ $authBackend = new \OCA\DAV\Connector\Sabre\Auth( \OC::$server->getUserSession(), \OC::$server->getRequest(), \OC::$server->getTwoFactorAuthManager(), + \OC::$server->getBruteForceThrottler(), 'principals/' ); $requestUri = \OC::$server->getRequest()->getRequestUri(); |