From c1bbf0d0b6522f47572c38e25c4e23b184665c46 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 17 Oct 2015 07:37:11 -0400
Subject: [PATCH] After failed login wait a second to slow down brute-force attacks (#1490549)

---
 program/include/rcmail.php |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index b2ab79a..81a1c81 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -596,6 +596,8 @@
 
         // try to log in
         if (!$storage->connect($host, $username, $pass, $port, $ssl)) {
+            // Wait a second to slow down brute-force attacks (#1490549)
+            sleep(1);
             return false;
         }
 

--
Gitblit v1.9.1