Browse Source

Merge branch '8.0_ADD_auth_track_and_prevent_brut_force' of https://github.com/grap/server-tools into 8.0_ADD_auth_track_and_prevent_brut_force

pull/262/head
Sylvain LE GAL 9 years ago
parent
commit
987e1be5ef
  1. 4
      auth_brute_force/README.rst

4
auth_brute_force/README.rst

@ -9,8 +9,8 @@ This module registers each request done by users trying to authenticate into
Odoo. If the authentication fails, a counter is increased for the given remote Odoo. If the authentication fails, a counter is increased for the given remote
IP. After after a defined number of attempts, Odoo will ban the remote IP and IP. After after a defined number of attempts, Odoo will ban the remote IP and
ignore new requests. ignore new requests.
This module applies [security through obscurity]
(https://en.wikipedia.org/wiki/Security_through_obscurity):
This module applies security through obscurity
(https://en.wikipedia.org/wiki/Security_through_obscurity),
When a user is banned, the request is now considered as an attack. So, the UI When a user is banned, the request is now considered as an attack. So, the UI
will **not** indicate to the user that his IP is banned and the regular message will **not** indicate to the user that his IP is banned and the regular message
'Wrong login/password' is displayed. 'Wrong login/password' is displayed.

Loading…
Cancel
Save