How to protect Kentico CMS against brutal-force attack
This article shows how protect Kentico CMS against brutal-force attack, or how to limit the number of attempted login before the account is locked.
Protection against brutal-force attack is not available in current version by default.
You can customize appropriate page (CMSPages/Logon.aspx.cs
) and write you own logic in code-behind file. Or you can use Flood protection
via our API. You can find CheckFlooding()
method in FloodProtectionHelper
class. For more info please see our API reference
. You can use it as following:
if (FloodProtectionHelper.CheckFlooding(CMSContext.CurrentSiteName, CMSContext.CurrentUser))
// your custom code
See also: Applies to:
Kentico CMS 4.0