From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 config/defaults.inc.php |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/config/defaults.inc.php b/config/defaults.inc.php
index eef7de4..4339523 100644
--- a/config/defaults.inc.php
+++ b/config/defaults.inc.php
@@ -386,6 +386,10 @@
 // Example: '/^[a-z0-9_@.-]+$/'
 $config['login_username_filter'] = null;
 
+// Brute-force attacks prevention.
+// The value specifies maximum number of failed logon attempts per minute.
+$config['login_rate_limit'] = 3;
+
 // Includes should be interpreted as PHP files
 $config['skin_include_php'] = false;
 
@@ -503,7 +507,7 @@
 // Maximum number of recipients per message. Default: 0 (no limit)
 $config['max_recipients'] = 0; 
 
-// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// Maximum allowed number of members of an address group. Default: 0 (no limit)
 // If 'max_recipients' is set this value should be less or equal
 $config['max_group_members'] = 0; 
 

--
Gitblit v1.9.1