aertmann/brute-force

Simple brute-force prevention (account locking) for Flow

Maintainers

👁 aertmann

Package info

github.com/aertmann/brute-force

Type:neos-package

pkg:composer/aertmann/brute-force

Statistics

Installs: 1 550

Dependents: 0

Suggesters: 0

Stars: 5

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

3.0.0 2023-04-26 15:26 UTC

Requires

neos/flow: >=6.0
neos/swiftmailer: >6.0

Requires (Dev)

None

Suggests

None

Provides

None

Conflicts

None

Replaces

None

MIT 743ff772df705ddeb316c13ca678077e6a554681

Aske Ertmann <aske.woop@ertmann.co>

flow security Neos brute-force

This package is auto-updated.

Last update: 2026-06-26 22:20:03 UTC

README

👁 Scrutinizer Code Quality
👁 Latest Stable Version
👁 Total Downloads
👁 License

Introduction

This package provides simple brute-force prevention (account locking) for Neos/Flow.

A notification email can be send to an administrator when an account has been locked.

Compatible with Neos 3.x or later / Flow 4.x or later (tested until 7.3)

Be aware that there are ways to circumvent this protection and it can be misused, see Blocking Brute Force Attacks for more information.

Note that the threshold is disabled in development context by default. To override it, create a Settings.yaml configuration file inside a Development folder inside a Configuration folder.

Installation

composer require "aertmann/brute-force:~2.0"

Configuration

Failed attempts threshold and notification mail can be configured in Settings.yaml.

URL: https://packagist.org/packages/aertmann/brute-force

⇱ aertmann/brute-force - Packagist.org

aertmann/brute-force

Maintainers

Package info

Statistics

Security

README

Introduction

Installation

Configuration