1.5 KiB
1.5 KiB
layout | title | parent | nav_order |
---|---|---|---|
default | Regulation | Configuration | 5 |
Regulation
Authelia can temporarily ban accounts when there are too many authentication attempts. This helps prevent brute-force attacks.
Configuration
regulation:
max_retries: 3
find_time: 2m
ban_time: 5m
Options
max_retries
type: integer
{: .label .label-config .label-purple }
default: 3
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
The number of failed login attempts before a user may be banned. Setting this option to 0 disables regulation entirely.
find_time
type: string (duration)
{: .label .label-config .label-purple }
default: 2m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
The period of time in duration notation format analyzed for failed attempts. For
example if you set max_retries
to 3 and find_time
to 2m
this means the user must have 3 failed logins in
2 minutes.
ban_time
type: string (duration)
{: .label .label-config .label-purple }
default: 5m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
The period of time in duration notation format the user is banned for after meeting
the max_retries
and find_time
configuration. After this duration the account will be able to login again.