use better defaults for some egw_info server values (num_unsuccessful_id, num_unsuccessful_ip, block_time)

This commit is contained in:
Klaus Leithoff 2012-11-29 10:51:24 +00:00
parent 021de24c01
commit bafc7dc836

View File

@ -186,7 +186,7 @@ class egw_session
}
if (!isset($GLOBALS['egw_info']['server']['block_time']))
{
$GLOBALS['egw_info']['server']['block_time'] = 5; // default 5min
$GLOBALS['egw_info']['server']['block_time'] = 1; // default 1min, its enough to slow down brute force attacks
$save_rep = true;
}
if (!isset($GLOBALS['egw_info']['server']['num_unsuccessful_id']))
@ -196,7 +196,7 @@ class egw_session
}
if (!isset($GLOBALS['egw_info']['server']['num_unsuccessful_ip']))
{
$GLOBALS['egw_info']['server']['num_unsuccessful_ip'] = $GLOBALS['egw_info']['server']['num_unsuccessful_id']; // default same as for id
$GLOBALS['egw_info']['server']['num_unsuccessful_ip'] = $GLOBALS['egw_info']['server']['num_unsuccessful_id'] * 5; // default is 5 times as high as the id default; since accessing via proxy is quite common
$save_rep = true;
}
if (!isset($GLOBALS['egw_info']['server']['install_id']))