This plugin delays bruteforce attacks by banning an IP address when this IP tries to log in and fails too much time within a defined period.

Search and install the plugin using the Extension Manager. Refer to Plugins on how to install plugins manually. If you choose to install it manually, beware of the directory name. All files should be within lib/plugins/tokenbucketauth/.

See Configuration and Settings below to understand how the plugin works.

Here is a list of main settings which explain how the plugin works:

• tba_block_time: how long to block a user, in seconds (default=600, or 10 minutes) ¹⁾;
• tba_nb_attempt: if s/he failed this many attempts (default=5);
• tba_mean_time: within this many seconds (default=120, or 2 minutes);
• tba_whitelist: and is not on the whitelist (default=127.0.0.1).

Here are additional options:

• tba_send_mail: send email to admins when a user has been banned, leave blank if to noone or don't care;
• tba_iptime_file: log users attempts into this file;
• tba_block_file: log blocked users into this one;
• tba_lockfile: lock file to know when we can put content into the two others.

You should be able to change these default values using the config manager, but you can change them also manually editing the conf/default.php file.

• Merge pull request #9 from splitbrain-forks/php7-signature (2016-02-03 22:40)
• Adjust method signatures to match parent (2016-02-03 12:50)
• Merge pull request #8 from sawachan/master (2015-04-15 22:19)
• Create settings.php (2015-04-15 13:41)
• Create mailbody.txt (2015-04-15 13:39)
• Create lang.php (2015-04-15 13:38)
• Create banned.txt (2015-04-15 13:37)
• Create admin_intro.txt (2015-04-15 13:36)

Look at the github page if there's any!

Feel free to add wishes here… but I'd prefer you doing it on github

Feel free to add what you think here!