Project

General

Profile

Actions

Feature #75987

closed

Implement request throttling/ rate limiting functionality and API

Added by Helmut Hummel almost 8 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Security
Target version:
-
Start date:
2016-04-29
Due date:
% Done:

0%

Estimated time:
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Our current brute force protection is non existent:

There are cases where specific functionality should be throttled, example: A user shouldn't hammer with 20 comments / second.

Task: Evaluate existing solutions (e.g. https://github.com/websoftwares/Throttle) and / or implement
a general throttling mechanism and provide API for extensions


Related issues 4 (0 open4 closed)

Related to TYPO3 Core - Feature #21661: Secure the BE login - Blacklist ipsClosed2009-11-24

Actions
Related to TYPO3 Core - Bug #21658: Secure the BE login - Auto disable the be user after a certain amount of login failure.Closed2009-11-24

Actions
Related to TYPO3 Core - Feature #19987: Security: Backend user should be disabled after x failed log in (and the appropriate option is set in the install tool)Closed2009-02-09

Actions
Has duplicate TYPO3 Core - Feature #93825: Introduce rate limiter componentClosed2021-03-27

Actions
Actions

Also available in: Atom PDF