From a15d877ba8e12ba6659aad69d63b8b73256144ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Wed, 11 Nov 2015 12:53:43 -0500
Subject: [PATCH] Added brute-force attack prevention via login rate limit (#1490566)

---
 index.php |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/index.php b/index.php
index 1ebbdca..9dcf773 100644
--- a/index.php
+++ b/index.php
@@ -155,6 +155,7 @@
             RCMAIL::ERROR_COOKIES_DISABLED => 'cookiesdisabled',
             RCMAIL::ERROR_INVALID_REQUEST  => 'invalidrequest',
             RCMAIL::ERROR_INVALID_HOST     => 'invalidhost',
+            RCMAIL::ERROR_RATE_LIMIT       => 'accountlocked',
         );
 
         $error_message = !empty($auth['error']) && !is_numeric($auth['error']) ? $auth['error'] : ($error_labels[$error_code] ?: 'loginfailed');

--
Gitblit v1.9.1