mod_limit_auth

Introduction

This module lets you put a per-IP limit on the number of failed authentication attempts.

It features an optioanal tarpit, i.e. waiting some time before returning an “authentication failed” response.

Configuration

modules_enabled = {
  -- your other modules
  "limit_auth";
}

limit_auth_period = 30 -- over 30 seconds

limit_auth_max = 5 -- tolerate no more than 5 failed attempts

 -- Will only work with Prosody trunk:
limit_auth_tarpit_delay = 10 -- delay answer this long

Compatibility

Requires 0.9 or later. The tarpit feature requires Prosody trunk.

Latest changes

Only apply limit to normal c2s sessions (thanks cuc) 2015-10-30
Get rid of old inactive throttle objects 2015-09-14
Throttle authentication (failed) attempts with optional (0.10+) tarpit 2014-12-06