Rate-limit your login attempts at the authentication backend level. Login attempts are stored in the cache for 5 minutes and IPs with more than 30 failed login attempts in the last 5 minutes are blocked.
The numbers (30 attempts, 5 minutes) as well as the blocking strategy can be customized.
- Authors: Bruno Renié and contributors
- Licence: BSD
- Compatibility: Django 1.8 and greater
- Documentation: https://django-ratelimit-backend.readthedocs.io
- Code: https://github.com/brutasse/django-ratelimit-backend
- Simon Willison for his ratelimitcache idea
git clone https://firstname.lastname@example.org/brutasse/django-ratelimit-backend.git
Hack and run the tests:
python setup.py test
To run the tests for all supported Python and Django versions:
pip install tox tox