IntruderUserAttempts
Minimum version required
The features described on this page require EZproxy 3.6c GA (2006-03-10) or later.
Overview
IntruderUserAttempts is a position-independent config.txt/ezproxy.cfg directive that typically appears toward the top. This directive is used to enable intruder detection based by detecting and blocking repeated failed attempts to access usernames regardless of source IP address.
Sample Usage
IntruderUserAttempts -interval= 5 -expires= 15 10
In this example, if someone tries to log into EZproxy 10 times within a 5 minute period with the wrong password, EZproxy will lock out this account from being able to log in until all such attempts have stopped for 15 minutes.
IntruderUserAttempts can be cleared through the /admin EZproxy administration page.
Advanced Example
An example of how to combine all of the security features of EZproxy appears at Securing Your EZproxy Server .