u/pc/rhodecode-enterprise-ce-fork-pc Commit - r1808:e5a0601c

docs: added example how to secure login page from brute force attacks.

dan -

r1808:e5a0601c default

parent child

docs/admin/nginx-config-example.rst

0 +9 0

              .. code-block:: nginx
+                 ## rate limiter for certain pages to prevent brute force attacks
+                 limit_req_zone  $binary_remote_addr  zone=dl_limit:10m   rate=1r/s;
+                 ## custom log format
                  log_format log_custom '$remote_addr - $remote_user [$time_local] '
                                        '"$request" $status $body_bytes_sent '
                                        '"$http_referer" "$http_user_agent" '
                          proxy_set_header Connection  "upgrade";
                      }
+                     location /_admin/login {
+                         ## rate limit this endpoint
+                         limit_req  zone=dl_limit  burst=10  nodelay;
+                         try_files $uri @rhode;
+                     }
                      location / {
                          try_files $uri @rhode;
                      }

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages