Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implementar controle no login para evitar ataque de força bruta #1450

Open
viniciusandrade opened this issue Apr 10, 2024 · 2 comments
Open

Implementar controle no login para evitar ataque de força bruta #1450

viniciusandrade opened this issue Apr 10, 2024 · 2 comments
Assignees
@viniciusandrade

Comments

@viniciusandrade
Copy link
Member

CM-PAHO-EXT-08. It is recommended to block the attacker IP address incrementally. An example of this measure is as follows: The first time that an attack of this type is detected, the IP address is blocked for 15 minutes, the second time a block is applied for 30 minutes and the third time a permanent block is applied.
@viniciusandrade viniciusandrade self-assigned this Apr 10, 2024
viniciusandrade added a commit that referenced this issue Apr 10, 2024
@viniciusandrade
Implementa controle de tentativas no login do sistema. #1450
ccd3493
@viniciusandrade
Copy link
Member Author

Implementado em ccd3493

@viniciusandrade
Copy link
Member Author

Verificado que devido ao uso de proxy o IP do usuário não esta sendo repassado para aplicação. Realizando ajustes para pegar IP de outra variável de ambiente.

viniciusandrade added a commit that referenced this issue May 2, 2024
@viniciusandrade
Ajustes para controle de login. #1450
c016bf4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@viniciusandrade viniciusandrade

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@viniciusandrade