Throttler¶
-
class
OC\Security\Bruteforce\
Throttler
¶ - Class Throttler implements the bruteforce protection for security actions inNextcloud.It is working by logging invalid login attempts to the database and slowingdown all login attempts from the same subnet. The max delay is 30 seconds andthe starting delay are 200 milliseconds. (after the first failed login)This is based on Paragonie’s AirBrake for Airship CMS. You can find the original
Source: lib/private/Security/Bruteforce/Throttler.php#56
Constants¶
-
LOGIN_ACTION = login
Source: lib/private/Security/Bruteforce/Throttler.php#57
-
MAX_DELAY = 25
Source: lib/private/Security/Bruteforce/Throttler.php#58
-
MAX_DELAY_MS = 25000
Source: lib/private/Security/Bruteforce/Throttler.php#59
-
MAX_ATTEMPTS = 10
Source: lib/private/Security/Bruteforce/Throttler.php#60
Properties¶
Methods¶
-
public
OC\Security\Bruteforce\Throttler::
__construct
($db, $timeFactory, $logger, $config)¶ Source: Parameters: - $db (
OCP\IDBConnection
) - $timeFactory (
OCP\AppFramework\Utility\ITimeFactory
) - $logger (
OCP\ILogger
) - $config (
OCP\IConfig
)
- $db (
-
public
OC\Security\Bruteforce\Throttler::
registerAttempt
($action, $ip, $metadata=[])¶ - Register a failed attempt to bruteforce a security control
Source: Parameters: - $action (string)
- $ip (string)
- $metadata (array) Optional metadata logged to the database
-
public
OC\Security\Bruteforce\Throttler::
getAttempts
($ip, $action="", $maxAgeHours=12)¶ - Get the throttling delay (in milliseconds)
Source: Parameters: - $ip (string)
- $action (string) optionally filter by action
- $maxAgeHours (float)
Returns: int
-
public
OC\Security\Bruteforce\Throttler::
getDelay
($ip, $action="")¶ - Get the throttling delay (in milliseconds)
Source: Parameters: - $ip (string)
- $action (string) optionally filter by action
Returns: int
-
public
OC\Security\Bruteforce\Throttler::
resetDelay
($ip, $action, $metadata)¶ - Reset the throttling delay for an IP address, action and metadata
Source: Parameters: - $ip (string)
- $action (string)
- $metadata (array)
-
public
OC\Security\Bruteforce\Throttler::
resetDelayForIP
($ip)¶ - Reset the throttling delay for an IP address
Source: Parameters: - $ip (string)
-
public
OC\Security\Bruteforce\Throttler::
sleepDelay
($ip, $action="")¶ - Will sleep for the defined amount of time
Source: Parameters: - $ip (string)
- $action (string) optionally filter by action
Returns: int the time spent sleeping
-
public
OC\Security\Bruteforce\Throttler::
sleepDelayOrThrowOnMax
($ip, $action="")¶ - Will sleep for the defined amount of time unless maximum was reached in the last 30 minutesIn this case a “429 Too Many Request” exception is thrown
Source: Parameters: - $ip (string)
- $action (string) optionally filter by action
Returns: int the time spent sleeping
Throws: \OCP\Security\Bruteforce\MaxDelayReached
when reached the maximum