This module lets you put a per-IP limit on the number of failed authentication attempts.
It features an optioanal tarpit, i.e. waiting some time before returning an “authentication failed” response.
= {
modules_enabled -- your other modules
"limit_auth";
}
= 30 -- over 30 seconds
limit_auth_period
= 5 -- tolerate no more than 5 failed attempts
limit_auth_max
-- Will only work with Prosody trunk:
= 10 -- delay answer this long limit_auth_tarpit_delay
Requires 0.9 or later. The tarpit feature requires Prosody trunk.
With the plugin installer in Prosody 0.12 you can use:
sudo prosodyctl install https://modules.prosody.im/rocks/mod_limit_auth-3-1.src.rock
For other see the documentation for installing 3rd party modules