security

Server-wide security settings. Currently limited to account lockout policy, which protects against brute-force login attempts by temporarily locking accounts after repeated failures.

security.accountLockoutPolicy

object

Specifies conditions for account lockout.

security:
  accountLockoutPolicy:
    threshold: 10                   # lock after 10 failed attempts
    lockoutDurationSeconds: 900     # lock for 15 minutes
    resetCounterPeriodSeconds: 1800 # reset counter after 30 minutes

security.accountLockoutPolicy.threshold

number = 10

Number of unsuccessful login attempts after which the account is locked out. Set to 0 to disable.

security.accountLockoutPolicy.lockoutDurationSeconds

number = 900

Duration in seconds a locked-out account remains locked before automatically becoming unlocked. The default is 900 (15 minutes).

security.accountLockoutPolicy.resetCounterPeriodSeconds

number = lockoutDurationSeconds

Time in seconds after the last unsuccessful login before the failure counter resets to zero. Must be equal to or greater than lockoutDurationSeconds. If not specified, defaults to the lockoutDurationSeconds value.
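The following is an added example, not code from the server or its project: it resolves the documented defaults and the `resetCounterPeriodSeconds >= lockoutDurationSeconds` constraint, then replays a list of failed-login timestamps against the policy. The names `LockoutPolicy`, `resolve_policy` and `simulate_failures` are hypothetical, and the handling of negative values, of attempts made while locked, and of the counter after a lock are assumptions the page does not specify.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class LockoutPolicy:
    threshold: int
    lockout_duration: int
    reset_period: int

def resolve_policy(cfg: dict) -> LockoutPolicy:
    """Apply the documented defaults and constraint to a parsed accountLockoutPolicy mapping."""
    threshold = cfg.get("threshold", 10)
    duration = cfg.get("lockoutDurationSeconds", 900)
    # Documented default: resetCounterPeriodSeconds falls back to lockoutDurationSeconds.
    reset = cfg.get("resetCounterPeriodSeconds", duration)
    if threshold < 0 or duration < 0:
        # Assumption: negative values are treated as invalid.
        raise ValueError("threshold and lockoutDurationSeconds must not be negative")
    if reset < duration:
        raise ValueError("resetCounterPeriodSeconds must be >= lockoutDurationSeconds")
    return LockoutPolicy(threshold, duration, reset)

def simulate_failures(policy: LockoutPolicy, failure_times: list) -> list:
    """Classify each failed login (ascending times, in seconds) as counted, locked or rejected."""
    if policy.threshold == 0:  # documented: 0 disables lockout
        return ["counted"] * len(failure_times)
    count, last_failure, locked_until = 0, None, None
    outcomes = []
    for t in failure_times:
        if locked_until is not None and t < locked_until:
            outcomes.append("rejected")  # assumption: not counted while locked
            continue
        if last_failure is not None and t - last_failure >= policy.reset_period:
            count = 0  # quiet period since the last failure has elapsed
        count, last_failure = count + 1, t
        if count >= policy.threshold:
            locked_until = t + policy.lockout_duration
            count = 0  # assumption: the counter restarts once the lock is applied
            outcomes.append("locked")
        else:
            outcomes.append("counted")
    return outcomes
```

Replaying authentication-log timestamps through `simulate_failures` before changing `threshold` or the two periods shows how many guesses a given policy would have admitted.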
