Software /
code /
prosody-modules
Annotate
mod_limit_auth/README.markdown @ 5173:460f78654864
mod_muc_rtbl: also filter messages
This was a bit tricky because we don't want to run the JIDs
through SHA256 on each message. Took a while to come up with this
simple plan of just caching the SHA256 of the JIDs on the
occupants.
This will leave some dirt in the occupants after unloading the
module, but that should be ok; once they cycle the room, the
hashes will be gone.
This is direly needed, otherwise, there is a tight race between
the moderation activities and the actors joining the room.
author | Jonas Schäfer <jonas@wielicki.name> |
---|---|
date | Tue, 21 Feb 2023 21:37:27 +0100 |
parent | 2121:4916c1b6517f |
rev | line source |
---|---|
1858 | 1 --- |
2 summary: Throttle authentication attempts with optional tarpit | |
3 ... | |
4 | |
5 Introduction | |
6 ============ | |
7 | |
8 This module lets you put a per-IP limit on the number of failed | |
9 authentication attempts. | |
10 | |
11 It features an optioanal | |
12 [tarpit](https://en.wikipedia.org/wiki/Tarpit_%28networking%29), i.e. | |
13 waiting some time before returning an "authentication failed" response. | |
14 | |
15 Configuration | |
16 ============= | |
17 | |
18 ``` {.lua} | |
19 modules_enabled = { | |
20 -- your other modules | |
21 "limit_auth"; | |
22 } | |
23 | |
24 limit_auth_period = 30 -- over 30 seconds | |
25 | |
26 limit_auth_max = 5 -- tolerate no more than 5 failed attempts | |
27 | |
2121
4916c1b6517f
Update READMEs to indicate that async requires trunk (dropped from prosody 0.10)
Kim Alvefur <zash@zash.se>
parents:
1858
diff
changeset
|
28 -- Will only work with Prosody trunk: |
1858 | 29 limit_auth_tarpit_delay = 10 -- delay answer this long |
30 ``` | |
31 | |
32 Compatibility | |
33 ============= | |
34 | |
2121
4916c1b6517f
Update READMEs to indicate that async requires trunk (dropped from prosody 0.10)
Kim Alvefur <zash@zash.se>
parents:
1858
diff
changeset
|
35 Requires 0.9 or later. The tarpit feature requires Prosody trunk. |