| #
b546944f |
| 22-Jan-2026 |
Andreas Gohr <gohr@cosmocode.de> |
Improve setting messages
|
| #
563fb566 |
| 22-Jan-2026 |
Andreas Gohr <gohr@cosmocode.de> |
Add exponential timeout for failed login attempts
Introduces a configurable brute-force protection mechanism that enforces
increasing wait times between login attempts. The timeout doubles with
each
Add exponential timeout for failed login attempts
Introduces a configurable brute-force protection mechanism that enforces
increasing wait times between login attempts. The timeout doubles with
each failure (e.g., 5s → 10s → 20s → ...) up to a configurable maximum.
New settings:
- logindenial: Base timeout in seconds (0 to disable)
- logindenial_max: Maximum timeout cap (default 1 hour)
The feature works independently of CAPTCHA protection - failed attempts
are tracked per IP using the existing IpCounter mechanism, and users
are shown the remaining wait time when blocked.
show more ...
|
| #
09b1e97e |
| 06-Dec-2023 |
Andreas Gohr <andi@splitbrain.org> |
first go at cleaning up the code
|
| #
969b14c4 |
| 11-Jan-2022 |
Andreas Gohr <andi@splitbrain.org> |
added bruteforce protection on login
The new default for protecting the login now takes failed logins from
the originating IP into account.
|
| #
18622736 |
| 11-Jan-2022 |
Andreas Gohr <andi@splitbrain.org> |
auto reformat code
|
| #
08f248e4 |
| 01-Feb-2017 |
Andreas Gohr <andi@splitbrain.org> |
added new mode SVG
This mode generates an SVG image an inlines it. This is much easier to
read than the obfuscated image but should still be relatively hard for
most spammers (until they start handl
added new mode SVG
This mode generates an SVG image an inlines it. This is much easier to
read than the obfuscated image but should still be relatively hard for
most spammers (until they start handling inline SVGs).
show more ...
|
| #
643f15bd |
| 17-Apr-2015 |
Andreas Gohr <andi@splitbrain.org> |
optionally require a CAPTCHA on login
makes plugin:captchalogin obsolete
|
| #
6ee10a68 |
| 17-Apr-2015 |
Andreas Gohr <andi@splitbrain.org> |
removed config for registration
I don't see any reason why anyone should ever switch this off
|
| #
df8afac4 |
| 29-Jul-2013 |
Andreas Gohr <andi@splitbrain.org> |
Added fixed question mode
|
| #
28c14643 |
| 10-May-2013 |
Andreas Gohr <andi@splitbrain.org> |
allow user to set the length of the CAPTCHA
|
| #
9e312724 |
| 22-Apr-2013 |
Andreas Gohr <andi@splitbrain.org> |
added new 'math' mode
|
| #
52e95008 |
| 23-Aug-2009 |
Andreas Gohr <andi@splitbrain.org> |
Added figlet support
Ignore-this: 1fcd85801da1bd3504e8fb884e3d1001
Yes it is neither very secure nor is it accessible but its fun ;-)
darcs-hash:20090823181722-7ad00-1207ec427be15e605a7dfd129b8dad6
Added figlet support
Ignore-this: 1fcd85801da1bd3504e8fb884e3d1001
Yes it is neither very secure nor is it accessible but its fun ;-)
darcs-hash:20090823181722-7ad00-1207ec427be15e605a7dfd129b8dad60c8318a4a.gz
show more ...
|
| #
42a27035 |
| 09-Jan-2007 |
Andreas Gohr <andi@splitbrain.org> |
initial checkin
darcs-hash:20070109215204-7ad00-911102ca792d59b403fea07473621236672a23ee.gz
|