Skip to content
Grails plugin enables blocking user account after few attampts with incorect credentials. Preventing brute-force attacks
Find file
Failed to load latest commit information.
grails-app Update to support Grails 2.4.3
src/groovy/com/grygoriy/bruteforcedefender renamed plugin to defender
.classpath added STS project files
.project added STS project files
BruteforceDefenderGrailsPlugin.groovy update plugin version update to use forked plugin example. Unless will original repo will b… Update to support Grails 2.4.3

Brute-force Defender Plugin Info


Plugin adds functionality of blocking user account after a configured number of failed login, thus countering brute-force attacks. Plugin is working on top of configured Spring Security Core plugin with its UserDetails.



  • plugin depents on Spring Security Core plugin

From grails plugin reposity

  • follow instrations here
  • add compile ":bruteforce-defender:1.0" to BuildConfig.groovy

Install from pre-compliled

Build from sources

  • clone repo git clone
  • build plugin grails package-plugin
  • you should see plugin zip file in plugin directory
  • use grails install-plugin <path to file>


Add to your Config.groovy next lines

grails.plugins.springsecurity.useSecurityEventListener = true

bruteforcedefender {
    time = 5
    allowedNumberOfAttempts = 3


To enable logging, add next lines in your Config.groovy

log4j = {
    environments {
        development {
            debug ''

Demo application

Here is demo application that you can just run and look how it is working. Thanks to @stokito

Grygoriy Mykhalyuno

Bitdeli Badge

Something went wrong with that request. Please try again.