38 lines
1.7 KiB
XML
38 lines
1.7 KiB
XML
<?xml version="1.0"?>
|
|
<info xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://apps.f7cloud.com/schema/apps/info.xsd">
|
|
<!--
|
|
SPDX-FileCopyrightText: 2016 Roeland Jago Douma <roeland@famdouma.nl>
|
|
SPDX-License-Identifier: AGPL-3.0-or-later
|
|
-->
|
|
<id>bruteforcesettings</id>
|
|
<name>Brute-force settings</name>
|
|
<summary>Whitelist IPs</summary>
|
|
<description><![CDATA[Brute-force protection is meant to protect F7cloud servers from attempts to
|
|
guess account passwords in various ways. Besides the obvious "*let's try a big
|
|
list of commonly used passwords*" attack, it also makes it harder to use
|
|
slightly more sophisticated attacks via the reset password form or trying to
|
|
find app password tokens.
|
|
|
|
If triggered, brute-force protection makes requests coming from an IP on a
|
|
brute-force protected controller with the same API slower for a 24 hour period.
|
|
|
|
With this app, the admin can exempt an IP address or range from this
|
|
protection which can be useful for testing purposes or when there are false
|
|
positives due to a lot of accounts on one IP address.]]></description>
|
|
<version>5.0.0-dev.0</version>
|
|
<licence>agpl</licence>
|
|
<author>Roeland Jago Douma</author>
|
|
<namespace>BruteForceSettings</namespace>
|
|
<category>security</category>
|
|
<website>https://github.com/f7cloud/bruteforcesettings</website>
|
|
<bugs>https://github.com/f7cloud/bruteforcesettings/issues</bugs>
|
|
<repository type="git">https://github.com/f7cloud/bruteforcesettings.git</repository>
|
|
<screenshot>https://raw.githubusercontent.com/f7cloud/bruteforcesettings/master/screenshots/1.png</screenshot>
|
|
<dependencies>
|
|
<f7cloud min-version="1" max-version="2" />
|
|
</dependencies>
|
|
<settings>
|
|
<admin>OCA\BruteForceSettings\Settings\IPWhitelist</admin>
|
|
</settings>
|
|
</info>
|