Brute Force Detection
Brute Force Detection is an important security measure used to watch login attempts and looks for signs of brute force attacks, where attackers try many password guesses. When it sees suspicious patterns, it takes action to block or alert against these attacks.
1 Go to Dashboard > Security Defenses.
2 Click on Bruteforce Detection tab.
3 Toggle the Enable button to turn on the functionality it represents.
4 You will be displayed with various different configurations. Configure the required fields.
Configuration implementation
| Attributes | Description |
|---|---|
| Enabled | It is highly suggested to enable all the toggles to get notifications if suspicious behaviour or is identified. |
| Permanent Lockout | Permanently lock a user's account when they exceed the allowable limit of login failures. |
| Max Login Failures | Set the number of login failures before triggering a waiting period. |
| Wait Increment | Determine the waiting time increment after the failure threshold is met. |
| Quick Login Check Milli Seconds | Lock out the user if multiple failures occur too quickly. |
| Minimum Quick Login Wait | Set the waiting time after a quick login failure. |
| Max Wait | Define the maximum time a user will be locked out. |
| Failure Reset Time | Specify when the failure count will be reset. |
note
If a Brute Force attack is detected after you enable Permanent Lockout, your account will be permanently locked.
5 Click on SAVE.