##// END OF EJS Templates
docs: added example how to secure login page from brute force attacks.
dan -
r1808:e5a0601c default
parent child Browse files
Show More
@@ -5,7 +5,10 b' Use the following example to configure N'
5
5
6
6
7 .. code-block:: nginx
7 .. code-block:: nginx
8 ## rate limiter for certain pages to prevent brute force attacks
9 limit_req_zone $binary_remote_addr zone=dl_limit:10m rate=1r/s;
8
10
11 ## custom log format
9 log_format log_custom '$remote_addr - $remote_user [$time_local] '
12 log_format log_custom '$remote_addr - $remote_user [$time_local] '
10 '"$request" $status $body_bytes_sent '
13 '"$request" $status $body_bytes_sent '
11 '"$http_referer" "$http_user_agent" '
14 '"$http_referer" "$http_user_agent" '
@@ -109,6 +112,12 b' Use the following example to configure N'
109 proxy_set_header Connection "upgrade";
112 proxy_set_header Connection "upgrade";
110 }
113 }
111
114
115 location /_admin/login {
116 ## rate limit this endpoint
117 limit_req zone=dl_limit burst=10 nodelay;
118 try_files $uri @rhode;
119 }
120
112 location / {
121 location / {
113 try_files $uri @rhode;
122 try_files $uri @rhode;
114 }
123 }
General Comments 0
You need to be logged in to leave comments. Login now