Brute force protection
If brute force protection is enabled, remote host will be allowed to generate only limited number of failures/errors within defined control period of time. Once the number of failures is over defined maximum number of failures STATUS_HOST_TEMPORARILY_BANNED error will be generated until control period of time passes (by default, for 15 minutes since the last recorded failure).
Brute force protection is currently implemented for the following segments of ACEN web site:
- standard login page authentication (login errors are tracked)
- new client account page (invalid serial number errors are tracked)
- web service authentication (credentials failures are tracked)
- all web licensing methods which do not require any authentication (method errors are tracked).
Control period in minutes
Maximum number of features within defined period.
If enabled, brute force protection events will be logged to database.
If enabled, notification email about temporarily banned host will be delivered to selected admin user.
Ddos tracking period in seconds. Host tracking data is reset after this period of time.
Min wait time
Minimum period of time between requests in seconds.
Maximum allowed number of requests per defined tracking period.
If enabled, ddos protection events will be logged to database.
If enabled, notification email about permanently banned host will be delivered to selected admin user.
Select administrator user which will receive security notifications in case 'Notify admin' option is enabled for brute force or ddos protection.