Make AUTH_RATELIMIT_IP 60/hour as discussed

3 years ago · 64bc7972cc
parent cab0ce2017
commit 64bc7972cc
2 changed files with 2 additions and 2 deletions
--- a/core/admin/mailu/configuration.py
+++ b/core/admin/mailu/configuration.py
@ -36,7 +36,7 @@ DEFAULT_CONFIG = {
    'TLS_FLAVOR': 'cert',
    'INBOUND_TLS_ENFORCE': False,
    'DEFER_ON_TLS_ERROR': True,
-    'AUTH_RATELIMIT_IP': '10/hour',
+    'AUTH_RATELIMIT_IP': '60/hour',
    'AUTH_RATELIMIT_IP_V4_MASK': 24,
    'AUTH_RATELIMIT_IP_V6_MASK': 56,
    'AUTH_RATELIMIT_USER': '100/day',
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
@ -39,7 +39,7 @@ address.

 The ``WILDCARD_SENDERS`` setting is a comma delimited list of user email addresses that are allowed to send emails from any existing address (spoofing the sender).

-The ``AUTH_RATELIMIT_IP`` (default: 10/hour) holds a security setting for fighting
+The ``AUTH_RATELIMIT_IP`` (default: 60/hour) holds a security setting for fighting
 attackers that waste server ressources by trying to guess user passwords (typically
 using a password spraying attack). The value defines the limit of authentication
 attempts that will be processed on non-existing accounts for a specific IP subnet