Configuring the Regulation system.
Authelia can temporarily ban accounts when there are too many authentication attempts. This helps prevent brute-force attacks.
regulation: max_retries: 3 find_time: 2m ban_time: 5m
This section describes the individual configuration options.
The number of failed login attempts before a user may be banned. Setting this option to 0 disables regulation entirely.
The period of time analyzed for failed attempts. For
example if you set
max_retries to 3 and
2m this means the user must have 3 failed logins in
The period of time the user is banned for after meeting the
find_time configuration. After this
duration the account will be able to login again.