RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/docs/configuration/regulation.md

34 lines
1.1 KiB
Markdown
Raw Normal View History

[DOCS] Bootstrap new documentation website based on just-the-docs (#659)
2020-02-29 00:43:59 +00:00
---
layout: default
title: Regulation
parent: Configuration
[DEPRECATE] Remove Google Analytics (#1021) * it doesn't work with our current CSP * it's probably not used by anyone * it isn't in harmony with our security purposes * literally removes all use of it * suggestions from code review * remove useless test. Co-authored-by: Amir Zarrinkafsh <nightah@me.com> Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-05-15 23:41:42 +00:00
nav_order: 5
[DOCS] Bootstrap new documentation website based on just-the-docs (#659)
2020-02-29 00:43:59 +00:00
---
# Regulation
[DOCS] Review all docs and adjust since the initial refactoring (#698) * [DOCS] Review all docs and adjust since the initial refactoring * [DOCS] Minor tweaks
2020-03-09 22:37:46 +00:00
**Authelia** can temporarily ban accounts when there are too many
authentication attempts. This helps prevent brute-force attacks.
[DOCS] Bootstrap new documentation website based on just-the-docs (#659)
2020-02-29 00:43:59 +00:00
[BUGFIX] Add jekyll dependency in Gemfile. (#660) * [BUGFIX] Add jekyll dependency in Gemfile. * [Buildkite] Optimise documentation sync step * [DOC] Fix merge conflict for index.md * [DOC] Fix formatting issues
2020-02-29 05:15:03 +00:00
## Configuration
[DOCS] Bootstrap new documentation website based on just-the-docs (#659)
2020-02-29 00:43:59 +00:00
```yaml
regulation:
[DOCS] Adjust yaml snippets and misc adjustments (#855) * [DOCS] Adjust yaml snippets * use two spaces * use yaml syntax highlighting * other misc uniformity changes * fix misc grammar * add responsible disclosure link Co-Authored-By: Amir Zarrinkafsh <nightah@me.com>
2020-04-11 04:46:07 +00:00
# The number of failed login attempts before user is banned.
# Set it to 0 to disable regulation.
max_retries: 3
# The time range during which the user can attempt login before being banned.
# The user is banned if the authentication failed `max_retries` times in a `find_time` seconds window.
# Find Time accepts duration notation. See: https://docs.authelia.com/configuration/index.html#duration-notation-format
find_time: 2m
# The length of time before a banned user can sign in again.
# Find Time accepts duration notation. See: https://docs.authelia.com/configuration/index.html#duration-notation-format
ban_time: 5m
[MISC] Update durations to notation format and housekeeping (#824) * added regulation validator * made regulations find_time and ban_time values duration notation strings * added DefaultRegulationConfiguration for the validator * made session expiration and inactivity values duration notation strings * TOTP period does not need to be converted because adjustment should be discouraged * moved TOTP defaults to DefaultTOTPConfiguration and removed the consts * arranged the root config validator in configuration file order * adjusted tests for the changes * moved duration notation docs to root of configuration * added references to duration notation where applicable * project wide gofmt and goimports: * run gofmt * run goimports -local github.com/authelia/authelia -w on all files * Make jwt_secret error uniform and add tests * now at 100% coverage for internal/configuration/validator/configuration.go
2020-04-05 12:37:21 +00:00
```
### Duration Notation
The configuration parameters find_time, and ban_time use duration notation. See the documentation
for [duration notation format](index.md#duration-notation-format) for more information.