You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With the security settings of a project, it's possible to limit spam without creating many rules. However, since these settings apply to all users, it can be hard to define the correct values (not too strict or soft).
To help with this problem, we want to add an option to define rules based on the user's IP address (and if enabled, the GeoIP2 information like provider ASN and country code).
With this addition, it's possible to define the security settings with soft values for user origins A, B, and C and hard values for user origins E, F, and G. It's also possible to completely turn off the security settings for some countries. User origin means IP subnet, country code, or AS number.
Changes
Adjust the security settings page and add the new option to add, edit, and delete origin-based security settings
Adjust the frontend API to use the correct security settings
Suggested by
@mosparo/core-developers
The text was updated successfully, but these errors were encountered:
With the refactored security settings, it's possible to add security guidelines, which are valid for some IP addresses (or country codes or AS numbers if GeoIP2 is enabled).
With these guidelines, enforcing stricter security settings for some users is possible, while others have less restrictive or no security settings.
Loads all security guidelines from the database and evaluates which is the correct one for the client's IP address.
If none can be found, the general security settings of a project will be used.
Explanation
With the security settings of a project, it's possible to limit spam without creating many rules. However, since these settings apply to all users, it can be hard to define the correct values (not too strict or soft).
To help with this problem, we want to add an option to define rules based on the user's IP address (and if enabled, the GeoIP2 information like provider ASN and country code).
With this addition, it's possible to define the security settings with soft values for user origins A, B, and C and hard values for user origins E, F, and G. It's also possible to completely turn off the security settings for some countries. User origin means IP subnet, country code, or AS number.
Changes
Suggested by
The text was updated successfully, but these errors were encountered: