|
IntruderUserAttempts
Minimum version required
The features described on this page require
EZproxy 3.6c GA (2006-03-10)
or later.
Overview
IntruderUserAttempts is a
position-independent config.txt/ezproxy.cfg directive
that typically appears toward the top. This directive is used
to enable intruder detection based by detecting and blocking repeated
failed attempts to access usernames regardless of source IP address.
Sample Usage
IntruderUserAttempts -interval=5 -expires=15 10
In this example, if someone tries to log into EZproxy 10 times within a
5 minute period with the wrong password, EZproxy will lock out this account
from being able to log in until all such attempts have stopped for 15 minutes.
IntruderUserAttempts can be cleared through the
/admin EZproxy administration page.
Advanced Example
An example of how to combine all of the security features of EZproxy appears at
Securing Your EZproxy Server .
See also
IntruderIPAttempts
|
Librarians' Toolbox:
