This article shows how protect Kentico CMS against brutal-force attack, or how to limit the number of attempted login before the account is locked.
Protection against brutal-force attack is not available in current version by default.
You can customize appropriate page (
CMSPages/Logon.aspx.cs) and write you own logic in code-behind file. Or you can use
Flood protection via our API. You can find
CheckFlooding() method in
FloodProtectionHelper class. For more info please see our
API reference. You can use it as following:
if (FloodProtectionHelper.CheckFlooding(CMSContext.CurrentSiteName, CMSContext.CurrentUser))
{
// your custom code
}
See also:
Applies to:
Kentico CMS 4.0
Created on
8/24/2009 4:56:25 AM in
Security & Membership