2022-06-15 07:51:47 +00:00
|
|
|
---
|
|
|
|
title: "Regulation"
|
|
|
|
description: "Regulation Configuration"
|
|
|
|
lead: "Configuring the Regulation system."
|
2022-06-28 05:27:14 +00:00
|
|
|
date: 2022-06-15T17:51:47+10:00
|
2022-06-15 07:51:47 +00:00
|
|
|
draft: false
|
|
|
|
images: []
|
|
|
|
menu:
|
|
|
|
configuration:
|
|
|
|
parent: "security"
|
|
|
|
weight: 104300
|
|
|
|
toc: true
|
|
|
|
aliases:
|
|
|
|
- /docs/configuration/regulation.html
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
__Authelia__ can temporarily ban accounts when there are too many
|
|
|
|
authentication attempts. This helps prevent brute-force attacks.
|
|
|
|
|
|
|
|
## Configuration
|
|
|
|
|
2023-05-04 11:23:15 +00:00
|
|
|
{{< config-alert-example >}}
|
|
|
|
|
2022-06-15 07:51:47 +00:00
|
|
|
```yaml
|
|
|
|
regulation:
|
|
|
|
max_retries: 3
|
2023-05-07 06:39:17 +00:00
|
|
|
find_time: '2m'
|
|
|
|
ban_time: '5m'
|
2022-06-15 07:51:47 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
## Options
|
|
|
|
|
2023-05-04 11:23:15 +00:00
|
|
|
This section describes the individual configuration options.
|
|
|
|
|
2022-06-15 07:51:47 +00:00
|
|
|
### max_retries
|
|
|
|
|
2022-08-08 21:50:12 +00:00
|
|
|
{{< confkey type="integer" default="3" required="no" >}}
|
2022-06-15 07:51:47 +00:00
|
|
|
|
|
|
|
The number of failed login attempts before a user may be banned. Setting this option to 0 disables regulation entirely.
|
|
|
|
|
|
|
|
### find_time
|
|
|
|
|
2022-08-08 21:50:12 +00:00
|
|
|
{{< confkey type="duration" default="2m" required="no" >}}
|
2022-06-15 07:51:47 +00:00
|
|
|
|
2023-05-07 05:48:26 +00:00
|
|
|
*__Reference Note:__ This configuration option uses the [duration common syntax](../prologue/common.md#duration).
|
|
|
|
Please see the [documentation](../prologue/common.md#duration) on this format for more information.*
|
2022-06-15 07:51:47 +00:00
|
|
|
|
|
|
|
The period of time analyzed for failed attempts. For
|
|
|
|
example if you set `max_retries` to 3 and `find_time` to `2m` this means the user must have 3 failed logins in
|
|
|
|
2 minutes.
|
|
|
|
|
|
|
|
### ban_time
|
|
|
|
|
|
|
|
{{< confkey type="duration" default="5m" required="no" >}}
|
|
|
|
|
2023-05-07 05:48:26 +00:00
|
|
|
*__Reference Note:__ This configuration option uses the [duration common syntax](../prologue/common.md#duration).
|
|
|
|
Please see the [documentation](../prologue/common.md#duration) on this format for more information.*
|
2022-06-15 07:51:47 +00:00
|
|
|
|
|
|
|
The period of time the user is banned for after meeting the `max_retries` and `find_time` configuration. After this
|
|
|
|
duration the account will be able to login again.
|