New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rating Limit. #1333
Comments
Hi @f0rum You're correct. There are no account lockout or IP banning restrictions. Access to the management interface should be restricted using the IP subnet access controls in a production deployment. This can be configured with the The default username and password should also be changed to something more secure using the The panel path should also be changed using the Edit: See also: #182 |
Hi @bcoles Any update on this, looking forward to this. |
Turns out the admin UI does have request throttling. However, it's set to 1 second by default. You can change the The RESTful API does not have the same restrictions. |
Clean-up duplicate functionality. EOL whitespace removed Changes to be committed: modified: extensions/admin_ui/controllers/authentication/authentication.rb
Clean-up duplicate functionality. EOL whitespace removed Changes to be committed: modified: extensions/admin_ui/controllers/authentication/authentication.rb
Clean-up duplicate functionality. EOL whitespace removed Changes to be committed: modified: extensions/admin_ui/controllers/authentication/authentication.rb
Clean-up duplicate functionality. EOL whitespace removed Changes to be committed: modified: extensions/admin_ui/controllers/authentication/authentication.rb
Hi ,
OS : In Linux Ubuntu 16.04 LTS
Looks like there is no rating limit in the BeeF Login Portal.
Able make a brute.
Request to have a look !
Thank you
The text was updated successfully, but these errors were encountered: