RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/docs/configuration/regulation.md

62 lines
1.5 KiB
Markdown
Raw Normal View History

[DOCS] Bootstrap new documentation website based on just-the-docs (#659)
2020-02-29 00:43:59 +00:00
---
layout: default
title: Regulation
parent: Configuration
feat(ntp): check clock sync on startup (#2251) This adds method to validate the system clock is synchronized on startup. Configuration allows adjusting the server address, enabled state, desync limit, and if the error is fatal. Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-09-17 04:44:35 +00:00
nav_order: 10
[DOCS] Bootstrap new documentation website based on just-the-docs (#659)
2020-02-29 00:43:59 +00:00
---
# Regulation
[DOCS] Review all docs and adjust since the initial refactoring (#698) * [DOCS] Review all docs and adjust since the initial refactoring * [DOCS] Minor tweaks
2020-03-09 22:37:46 +00:00
**Authelia** can temporarily ban accounts when there are too many
authentication attempts. This helps prevent brute-force attacks.
[DOCS] Bootstrap new documentation website based on just-the-docs (#659)
2020-02-29 00:43:59 +00:00
[BUGFIX] Add jekyll dependency in Gemfile. (#660) * [BUGFIX] Add jekyll dependency in Gemfile. * [Buildkite] Optimise documentation sync step * [DOC] Fix merge conflict for index.md * [DOC] Fix formatting issues
2020-02-29 05:15:03 +00:00
## Configuration
[DOCS] Bootstrap new documentation website based on just-the-docs (#659)
2020-02-29 00:43:59 +00:00
```yaml
regulation:
[DOCS] Adjust yaml snippets and misc adjustments (#855) * [DOCS] Adjust yaml snippets * use two spaces * use yaml syntax highlighting * other misc uniformity changes * fix misc grammar * add responsible disclosure link Co-Authored-By: Amir Zarrinkafsh <nightah@me.com>
2020-04-11 04:46:07 +00:00
max_retries: 3
find_time: 2m
ban_time: 5m
[MISC] Update durations to notation format and housekeeping (#824) * added regulation validator * made regulations find_time and ban_time values duration notation strings * added DefaultRegulationConfiguration for the validator * made session expiration and inactivity values duration notation strings * TOTP period does not need to be converted because adjustment should be discouraged * moved TOTP defaults to DefaultTOTPConfiguration and removed the consts * arranged the root config validator in configuration file order * adjusted tests for the changes * moved duration notation docs to root of configuration * added references to duration notation where applicable * project wide gofmt and goimports: * run gofmt * run goimports -local github.com/authelia/authelia -w on all files * Make jwt_secret error uniform and add tests * now at 100% coverage for internal/configuration/validator/configuration.go
2020-04-05 12:37:21 +00:00
```
docs: refactor several areas of documentation (#1726) Updated all links to use https://www.authelia.com/docs/. Removed all comment sections from documented configuration on the documentation site and replaced them with their own sections. Made all documentation inside config.template.yml double hashes, and made all commented configuration sections single quoted. Added .yamllint.yaml to express our desired YAML styles. Added a style guide. Refactored many documentation areas to be 120 char widths where possible. It's by no means exhaustive but is a large start. Added a statelessness guide for the pending Kubernetes chart introduction. Added labels to configuration documentation and made many areas uniform.
2021-04-11 11:25:03 +00:00
## Options
### max_retries
<div markdown="1">
type: integer
{: .label .label-config .label-purple }
default: 3
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
</div>
The number of failed login attempts before a user may be banned. Setting this option to 0 disables regulation entirely.
### find_time
<div markdown="1">
type: string (duration)
{: .label .label-config .label-purple }
default: 2m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
</div>
The period of time in [duration notation format](index.md#duration-notation-format) analyzed for failed attempts. For
example if you set `max_retries` to 3 and `find_time` to `2m` this means the user must have 3 failed logins in
2 minutes.
### ban_time
<div markdown="1">
type: string (duration)
{: .label .label-config .label-purple }
default: 5m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
</div>
The period of time in [duration notation format](index.md#duration-notation-format) the user is banned for after meeting
the `max_retries` and `find_time` configuration. After this duration the account will be able to login again.