Rate Limiting
This feature works like the “cooldown period” that websites impose on login attempts to prevent brute-force attacks.
It applies to LDAP bind operations.
Example configuration:
```toml
[behaviors]
  LimitFailedBinds = true
  NumberOfFailedBinds = 3
  PeriodOfFailedBinds = 10
  BlockFailedBindsFor = 60
  PruneSourceTableEvery = 600
  PruneSourcesOlderThan = 600
```

| Configuration | Meaning |
|---|---|
| LimitFailedBinds | When enabled, rate limiting will apply after a number of failed authentication attempts |
| NumberOfFailedBinds | Number of consecutive failed auth attempts required to trigger rate limiting |
| PeriodOfFailedBinds | Window (in seconds) to detect failed auth attempts |
| BlockFailedBindsFor | Number of seconds to block the source IP address |
| PruneSourceTableEvery | (Housekeeping) clean up monitored IP addresses after this many seconds |
| PruneSourcesOlderThan | Clean up IP addresses last seen this many seconds ago |
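
The following Go model shows how these settings interact over time; it is an added illustration, not the server's own code. The `Limiter` type, its `Bind` and `Prune` methods, the sample address `192.0.2.10`, and the rule that a successful bind resets the failure count are assumptions made for the example.

```go
package main

import "fmt"

type Limiter struct { // fields mirror the [behaviors] keys; all times in seconds
	NumberOfFailedBinds, PeriodOfFailedBinds   int64
	BlockFailedBindsFor, PruneSourcesOlderThan int64
	sources                                    map[string]source
}

type source struct{ failures []int64; blockedUntil, lastSeen int64 }

// Bind records one attempt from ip at time now; false means the source is blocked.
func (l *Limiter) Bind(ip string, now int64, ok bool) bool {
	s := l.sources[ip] // zero value for a source not seen before
	defer func() { l.sources[ip] = s }()
	s.lastSeen = now
	if now < s.blockedUntil {
		return false
	}
	if ok {
		s.failures = nil // assumption: a success ends the consecutive run
		return true
	}
	for len(s.failures) > 0 && now-s.failures[0] >= l.PeriodOfFailedBinds {
		s.failures = s.failures[1:] // drop failures older than the window
	}
	s.failures = append(s.failures, now)
	if int64(len(s.failures)) >= l.NumberOfFailedBinds {
		s.blockedUntil, s.failures = now+l.BlockFailedBindsFor, nil
	}
	return true
}

// Prune is the housekeeping pass that runs every PruneSourceTableEvery seconds.
func (l *Limiter) Prune(now int64) {
	for ip, s := range l.sources {
		if now-s.lastSeen >= l.PruneSourcesOlderThan && now >= s.blockedUntil {
			delete(l.sources, ip)
		}
	}
}

func main() {
	l := &Limiter{3, 10, 60, 600, map[string]source{}}
	for _, t := range []int64{0, 2, 4, 5, 63, 64} { // constructed failed binds
		fmt.Println(t, l.Bind("192.0.2.10", t, false))
	}
}
```

With the example configuration, the third failure inside 10 seconds starts a 60-second block, and attempts made while blocked are refused without being counted as new failures.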