u/pc/rhodecode-enterprise-ce-fork-pc Commit - r1808:e5a0601c

docs: added example how to secure login page from brute force attacks.

dan -

r1808:e5a0601c default

parent child

docs/admin/nginx-config-example.rst

0 +9 0

             .. code-block:: nginx
+                ## rate limiter for certain pages to prevent brute force attacks
+                limit_req_zone  $binary_remote_addr  zone=dl_limit:10m   rate=1r/s;
+                ## custom log format
                 log_format log_custom '$remote_addr - $remote_user [$time_local] '
                                       '"$request" $status $body_bytes_sent '
                                       '"$http_referer" "$http_user_agent" '
                         proxy_set_header Connection  "upgrade";
                     }
+                    location /_admin/login {
+                        ## rate limit this endpoint
+                        limit_req  zone=dl_limit  burst=10  nodelay;
+                        try_files $uri @rhode;
+                    }
                     location / {
                         try_files $uri @rhode;
                     }

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages