Opened 17 years ago

Last modified 10 years ago

#2437 closed Feature request

Security IP or Account locking against Brute force attack

Reported by: fjooord Owned by:
Priority: normal Component: FileZilla Server
Keywords: Cc: fjooord, Tim Kosse
Component version: Operating system type:
Operating system version:


It would be a safe thing to lock user account or reject
IP address automatically after a defined number of bad

thank you

Change History (1)

comment:1 by Tim Kosse, 17 years ago

FileZilla Server already slows down attackers significantly
on too many failed login attempts. Legitimate users can
still login at any given point, although it might take a
couple of seconds.
Automatic blocking won't be added though as that will
introduce an attack vector for denial of service attacks
where legitimate users will no longer be able to login.

Note: See TracTickets for help on using tickets.