This article shows how protect Kentico CMS against brutal-force attack, or how to limit the number of attempted login before the account is locked.
Protection against brutal-force attack is not available in current version by default.
You can customize appropriate page (CMSPages/Logon.aspx.cs
) and write you own logic in code-behind file. Or you can use Flood protection
via our API. You can find CheckFlooding()
method in FloodProtectionHelper
class. For more info please see our API reference
. You can use it as following:
if (FloodProtectionHelper.CheckFlooding(CMSContext.CurrentSiteName, CMSContext.CurrentUser))
// your custom code
Kentico CMS 4.0
Created on 8/24/2009 4:56:25 AM
in Security & Membership