====== tokenbucketauth Plugin ======

---- plugin ----
description: Prevent brute force attacks by delaying them using a token bucket
author     : Aorimn
email      : Aorimn@giboulees.net
type       : action
lastupdate : 2014-09-25
compatible : Binky, Angua, Rincewind, Weatherwax, Greebo, Hogfather, Jack Jackrum
depends    :
conflicts  :
similar    : ipban, captcha, acl
tags       : bruteforce, tokenbucket, authentication, ip, blacklist, security

downloadurl: https://github.com/Aorimn/dokuwiki-tokenbucketauth/zipball/master
bugtracker : https://github.com/Aorimn/dokuwiki-tokenbucketauth/issues
sourcerepo : https://github.com/Aorimn/dokuwiki-tokenbucketauth
donationurl:
----

This plugin delays brute-force attacks by banning an IP address when that address tries to log in and fails too many times within a defined period.

===== Installation =====

Search and install the plugin using the [[plugin:extension|Extension Manager]]. Refer to [[:Plugins]] on how to install plugins manually.

If you choose to install it manually, beware of the directory name. All files should be within ''lib/plugins/tokenbucketauth/''.

See Configuration and Settings below to understand how the plugin works.

===== Configuration and Settings =====

Here is a list of the main settings, which together explain how the plugin works:

  * **tba_block_time:** how long to block a user, in seconds (default=600, or 10 minutes) ((Protip: if you want the attacker to be banned eternally, just put a very high value here, but beware of legitimate users who can't tell the 'a' letter from the 'q' one));
  * **tba_nb_attempt:** if s/he failed this many attempts (default=5);
  * **tba_mean_time:** within this many seconds (default=120, or 2 minutes);
  * **tba_whitelist:** and is not on the whitelist (default=127.0.0.1).
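
As an added illustration (not the plugin's own code), the sketch below shows one way the four main settings can drive a token bucket. It assumes the bucket holds ''tba_nb_attempt'' tokens, refills at ''tba_nb_attempt'' tokens per ''tba_mean_time'' seconds, and charges one token per failed login; the class and method names are hypothetical.

```php
<?php
// Added illustration, PHP 8+. Not the plugin's source: the mapping of the
// settings to bucket capacity and refill rate is an assumption.
final class FailedLoginBucket
{
    private array $buckets = [];      // ip => ['tokens' => float, 'last' => int]
    private array $blockedUntil = []; // ip => unix time at which the ban ends

    public function __construct(
        private int $nbAttempt = 5,                // tba_nb_attempt
        private int $meanTime = 120,               // tba_mean_time, seconds
        private int $blockTime = 600,              // tba_block_time, seconds
        private array $whitelist = ['127.0.0.1']   // tba_whitelist
    ) {}

    public function isBlocked(string $ip, int $now): bool
    {
        return ($this->blockedUntil[$ip] ?? 0) > $now;
    }

    /** Record one failed login at time $now; returns true if $ip is banned. */
    public function recordFailure(string $ip, int $now): bool
    {
        if (in_array($ip, $this->whitelist, true)) {
            return false; // whitelisted addresses are never counted
        }
        if ($this->isBlocked($ip, $now)) {
            return true;
        }
        $b = $this->buckets[$ip] ?? ['tokens' => (float) $this->nbAttempt, 'last' => $now];
        // Refill for the elapsed time, cap at capacity, then pay for this failure.
        $refill = ($now - $b['last']) * $this->nbAttempt / $this->meanTime;
        $b['tokens'] = min((float) $this->nbAttempt, $b['tokens'] + $refill) - 1.0;
        $b['last'] = $now;
        if ($b['tokens'] < 1.0) {
            // No token left for another attempt: ban, and start fresh afterwards.
            $this->blockedUntil[$ip] = $now + $this->blockTime;
            unset($this->buckets[$ip]);
            return true;
        }
        $this->buckets[$ip] = $b;
        return false;
    }
}
// Constructed sample: one failed login every 2 s from a documentation address.
$limiter = new FailedLoginBucket();
foreach ([0, 2, 4, 6, 8] as $t) {
    printf("t=%d banned=%s\n", $t, var_export($limiter->recordFailure('203.0.113.7', $t), true));
}
```

With a bucket like this, failures spaced further apart than ''tba_mean_time / tba_nb_attempt'' seconds never drain it, so lowering ''tba_nb_attempt'' or raising ''tba_mean_time'' tightens the limit for slow guessing as well as for bursts.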

Here are additional options:

  * **tba_send_mail:** send an email to admins when a user has been banned; leave blank to send to no one;
  * **tba_iptime_file:** log users' attempts into this file;
  * **tba_block_file:** log blocked users into this one;
  * **tba_lockfile:** lock file used to know when content can be written to the two other files.

You should be able to change these default values using the [[config:manager|config manager]], but you can also change them manually by editing the ''conf/default.php'' file.

=== Change Log ===

{{rss>https://github.com/Aorimn/dokuwiki-tokenbucketauth/commits/master.atom date}}

=== Known Bugs and Issues ===

//Look at the [[https://github.com/Aorimn/dokuwiki-tokenbucketauth/issues|github page]] if there's any!//

=== ToDo/Wish List ===

//Feel free to add wishes here... but I'd prefer you doing it on [[https://github.com/Aorimn/dokuwiki-tokenbucketauth/issues|github]]//

===== Discussion =====

//Feel free to add what you think here!//