Change AUTH_RATELIMIT_IP_V6_MASK from /56 to /48

main
Florent Daigniere 2 years ago
parent fa084d7b1c
commit 085bac6e08

@ -42,7 +42,7 @@ DEFAULT_CONFIG = {
'DEFER_ON_TLS_ERROR': True, 'DEFER_ON_TLS_ERROR': True,
'AUTH_RATELIMIT_IP': '5/hour', 'AUTH_RATELIMIT_IP': '5/hour',
'AUTH_RATELIMIT_IP_V4_MASK': 24, 'AUTH_RATELIMIT_IP_V4_MASK': 24,
'AUTH_RATELIMIT_IP_V6_MASK': 56, 'AUTH_RATELIMIT_IP_V6_MASK': 48,
'AUTH_RATELIMIT_USER': '100/day', 'AUTH_RATELIMIT_USER': '100/day',
'AUTH_RATELIMIT_EXEMPTION': '', 'AUTH_RATELIMIT_EXEMPTION': '',
'AUTH_RATELIMIT_EXEMPTION_LENGTH': 86400, 'AUTH_RATELIMIT_EXEMPTION_LENGTH': 86400,

@ -45,7 +45,7 @@ attackers that attempt a password spraying attack. The value defines the limit o
authentication attempts that will be processed on **distinct** non-existing authentication attempts that will be processed on **distinct** non-existing
accounts for a specific IP subnet as defined in accounts for a specific IP subnet as defined in
``AUTH_RATELIMIT_IP_V4_MASK`` (default: /24) and ``AUTH_RATELIMIT_IP_V4_MASK`` (default: /24) and
``AUTH_RATELIMIT_IP_V6_MASK`` (default: /56). ``AUTH_RATELIMIT_IP_V6_MASK`` (default: /48).
The ``AUTH_RATELIMIT_USER`` (default: 100/day) holds a security setting for fighting The ``AUTH_RATELIMIT_USER`` (default: 100/day) holds a security setting for fighting
attackers that attempt to guess a user's password (typically using a password attackers that attempt to guess a user's password (typically using a password

Loading…
Cancel
Save