4.3.4. Failed attempts limits

------------------------------------------------------------------------------
eurephia :: ATTEMPTS LIMITS
------------------------------------------------------------------------------

These parameters here will decide when eurephia should block access, based on
how many registered failed attempts.  Normally, you should be strict regarding
number of attempts on usernames, less strict on certificates and even less on
IP addresses.  Remember that the user might connect via a proxy or a firewall
with NAT enabled.

How many failed attempts will you allow per user name? [3]
How many failed attempts will you allow per certificate? [5]
How many failed attempts will you allow per IP address? [10]

==============================================================================

These three parameters defines when to block a username, certificate or IP address. If a user tries and fails to log in with the same username 3 times, the user account will be blocked. The same happens if the user tries 5 times with the same certificate but with different usernames. If the user continues with more attempts, even with different certificates, the IP address will be blocked after 10 attempts.

If you have a lot of users behind the same IP address, you might want to consider to increase the last number from 10 to something higher.

Note

All the parameters set via eurephia_init can be changed later on via the eurephiadm utility. If you are uncertain about the values, start with the default values as evaluate how well it works for you.