Rate-limit your login attempts at the authentication backend level. Login attempts are stored in the cache for 5 minutes and IPs with more than 30 failed login attempts in the last 5 minutes are blocked.
The numbers (30 attempts, 5 minutes) as well as the blocking strategy can be customized.
- Authors: Bruno Renié and contributors
- Licence: BSD
- Compatibility: Django 1.3 and greater
- Documentation: http://django-ratelimit-backend.rtfd.org
- Code: https://github.com/brutasse/django-ratelimit-backend
- Simon Willison for his ratelimitcache idea
git clone https://email@example.com/brutasse/django-ratelimit-backend.git
Hack and run the tests:
python setup.py test
To run the tests for all supported Python and Django versions:
pip install tox tox