You can restrict the number and frequency of failed attempts to log on to the platform (authentication). This restriction will help protect the platform from network attacks that use automatic password brute-forcing.
The following restrictions can be set in the authentication settings:
- number of failed attempts - if the user has made more attempts to enter credentials, the user's IP address will be blocked;
- time between attempts - the minimum time after entering incorrect data, after which the user can try to login again.
Authentication settings are set separately for each type of account — user, advanced user and administrator.
To configure user authentication, on the right-hand menu, click the Security policies icon → . The section contains restriction settings and a list of blocked users.
To set authentication restrictions:
- Click the Edit settings button in the required block — For admins, For advanced users, For users.
- Specify the required settings:
- Time between attempts, sec — the minimum time after entering incorrect data, after which the user can try to login again;
- Number of failed attempts, pcs — the maximum number of failed entry attempts, after which the user's IP address will be blocked;
- Blocking duration, sec — the time during which authentication will be unavailable;
- Reset period, sec — the time after which the number of failed attempts will be reset.
- Click Save.
To disable user blocking, click the Unblock button on the user account line.
To update the list of blocked users, click Update the list.
Information about authentication attempts is recorded in the log of the vm_auth_back4_1 docker container on the server with the platform.
To see the authentication logs:
- Connect to the server with the platform via SSH.
Execute the command:
docker logs -f -n 100 vm_auth_back4_1BASHComments to the command
-n 100 — number of last log lines