From 4a17fae9af464b21a64e708769f36108055e88b9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 11 Sep 2022 20:48:23 +0200 Subject: [PATCH] Add info on mitigation --- htdocs/admin/system/security.php | 15 +++++++++++++++ htdocs/core/tpl/login.tpl.php | 2 ++ 2 files changed, 17 insertions(+) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 5b3b8c9f280..b7074c51095 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -563,6 +563,21 @@ print '
'; print '
'; +print load_fiche_titre($langs->trans("LimitsAndMitigation"), '', 'folder'); + +print ''; +print 'For a higher security, we also recommend to implement limits and mitigation on number of endpoints per minutes for the following URL'."
"; +print ''; + +print '
'; +print 'Login process -> This can be done using a fail2ban rule (see example into dev/setup)'."
"; +print DOL_URL_ROOT.'/passwordforgotten.php (see example into dev/setup)'."
"; +print DOL_URL_ROOT.'/public/* (see example into dev/setup)'."
"; + + + + + // End of page llxFooter(); $db->close(); diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index f179ea9ed36..b7e6fd15dcb 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -137,9 +137,11 @@ $(document).ready(function () {
+ +