summaryrefslogtreecommitdiffstats
path: root/core/Controller/LostController.php
diff options
context:
space:
mode:
authorLukas Reschke <lukas@statuscode.ch>2017-04-22 08:12:54 +0200
committerLukas Reschke <lukas@statuscode.ch>2017-04-22 08:12:54 +0200
commitd0d34d308a9d752d372fb9249b00014b8fa7f9a1 (patch)
tree5684714e3bb744fd1c2b9d11462a17f794c34aa6 /core/Controller/LostController.php
parent363d1c69dda472c76cf258e1fcd77d5765671e2b (diff)
downloadnextcloud-server-d0d34d308a9d752d372fb9249b00014b8fa7f9a1.tar.gz
nextcloud-server-d0d34d308a9d752d372fb9249b00014b8fa7f9a1.zip
Add at most 10 password reset requests per 5 minutes and IP range
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Diffstat (limited to 'core/Controller/LostController.php')
-rw-r--r--core/Controller/LostController.php1
1 files changed, 1 insertions, 0 deletions
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index 8d26f2c1942..27491b88235 100644
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -206,6 +206,7 @@ class LostController extends Controller {
/**
* @PublicPage
* @BruteForceProtection(action=passwordResetEmail)
+ * @AnonRateThrottle(limit=10, period=300)
*
* @param string $user
* @return JSONResponse
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 04:01:04 +0000