DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:tokenbucketauth

tokenbucketauth Plugin

Compatible with DokuWiki

  • 2024-02-06 "Kaos" yes
  • 2023-04-04 "Jack Jackrum" yes
  • 2022-07-31 "Igor" unknown
  • 2020-07-29 "Hogfather" yes

plugin Prevent brute force attacks by delaying them using a token bucket

Last updated on
2014-09-25
Provides
Action
Repository
Source

This plugin delays bruteforce attacks by banning an IP address when this IP tries to log in and fails too much time within a defined period.

Installation

Search and install the plugin using the Extension Manager. Refer to Plugins on how to install plugins manually. If you choose to install it manually, beware of the directory name. All files should be within lib/plugins/tokenbucketauth/.

See Configuration and Settings below to understand how the plugin works.

Configuration and Settings

Here is a list of main settings which explain how the plugin works:

  • tba_block_time: how long to block a user, in seconds (default=600, or 10 minutes) 1);
  • tba_nb_attempt: if s/he failed this many attempts (default=5);
  • tba_mean_time: within this many seconds (default=120, or 2 minutes);
  • tba_whitelist: and is not on the whitelist (default=127.0.0.1).

Here are additional options:

  • tba_send_mail: send email to admins when a user has been banned, leave blank if to noone or don't care;
  • tba_iptime_file: log users attempts into this file;
  • tba_block_file: log blocked users into this one;
  • tba_lockfile: lock file to know when we can put content into the two others.

You should be able to change these default values using the config manager, but you can change them also manually editing the conf/default.php file.

Change Log

Known Bugs and Issues

Look at the github page if there's any!

ToDo/Wish List

Feel free to add wishes here… but I'd prefer you doing it on github

Discussion

Feel free to add what you think here!

1)
Protip: if you want the attacker to be banned eternally, just put a very high value here, but beware of the legitimate users which can't differentiate the 'a' letter from the 'q' one
plugin/tokenbucketauth.txt · Last modified: by 2a02:8429:c259:7901:445c:e392:ca08:4993

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki