annotate mod_limit_auth/README.markdown @ 4047:36b6e3e3f9e2

mod_conversejs: Disable automatic BOSH/WS endpoint discovery Converse.js 7.0 will enable this by default, but when using this module the BOSH and WebSocket endpoints are provided in the generated HTML, so automatic discovery is not needed and unlikely to work without an additional module.
author Kim Alvefur <zash@zash.se>
date Thu, 18 Jun 2020 15:24:34 +0200
parents 4916c1b6517f
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1858
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 ---
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 summary: Throttle authentication attempts with optional tarpit
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 ...
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 Introduction
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 ============
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 This module lets you put a per-IP limit on the number of failed
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 authentication attempts.
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 It features an optioanal
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 [tarpit](https://en.wikipedia.org/wiki/Tarpit_%28networking%29), i.e.
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 waiting some time before returning an "authentication failed" response.
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 Configuration
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 =============
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 ``` {.lua}
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 modules_enabled = {
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 -- your other modules
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 "limit_auth";
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 }
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 limit_auth_period = 30 -- over 30 seconds
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 limit_auth_max = 5 -- tolerate no more than 5 failed attempts
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27
2121
4916c1b6517f Update READMEs to indicate that async requires trunk (dropped from prosody 0.10)
Kim Alvefur <zash@zash.se>
parents: 1858
diff changeset
28 -- Will only work with Prosody trunk:
1858
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 limit_auth_tarpit_delay = 10 -- delay answer this long
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30 ```
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 Compatibility
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 =============
5daabb5fe24a mod_limit_auth: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34
2121
4916c1b6517f Update READMEs to indicate that async requires trunk (dropped from prosody 0.10)
Kim Alvefur <zash@zash.se>
parents: 1858
diff changeset
35 Requires 0.9 or later. The tarpit feature requires Prosody trunk.