Zugang
Bilder
|
Rubriken
|
Übersichten
|
Forumsleben
|
Texte
|
Administratives
|
Hilfe
|
| Wunsch? | ✔ |
|---|---|
| Komponente ? | Software-Internes |
| Wichtigkeit ? | Normal |
| Status ? | Neu |
| Beschreibung | |
|
Currently there is a relatively easy to trigger DoS in the try_login handling. Something like 160 parallel bad login requests will overload the server and block it. Mitigation: xcache_inc("loginfail:{$ip}", 300); // 5 minute window | |