Andrew Bogott has uploaded a new change for review. https://gerrit.wikimedia.org/r/322207
Change subject: Wikitech: Increase login throttle limits x4 ...................................................................... Wikitech: Increase login throttle limits x4 Hopefully high enough that labslogbot won't get punished so much, but low enough that we aren't introducing new ddos opportunities. Bug: T150373 Change-Id: Ia9c90e8c98825ccb21145380098c32f2246f6843 --- M wmf-config/CommonSettings.php 1 file changed, 9 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/mediawiki-config refs/changes/07/322207/1 diff --git a/wmf-config/CommonSettings.php b/wmf-config/CommonSettings.php index e348553..6bf889d 100644 --- a/wmf-config/CommonSettings.php +++ b/wmf-config/CommonSettings.php @@ -2691,6 +2691,15 @@ $wgCookieDomain = "labtestwikitech.wikimedia.org"; // TODO: Is this really necessary? } + $wgPasswordAttemptThrottle = [ + // Short term limit + [ 'count' => 20, 'seconds' => 300 ], + // Long term limit. We need to balance the risk + // of somebody using this as a DoS attack to lock someone + // out of their account, and someone doing a brute force attack. + [ 'count' => 600, 'seconds' => 60*60*48 ], + ]; + // Some settings specific to wikitech's extensions include( "$wmfConfigDir/wikitech.php" ); } -- To view, visit https://gerrit.wikimedia.org/r/322207 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ia9c90e8c98825ccb21145380098c32f2246f6843 Gerrit-PatchSet: 1 Gerrit-Project: operations/mediawiki-config Gerrit-Branch: master Gerrit-Owner: Andrew Bogott <abog...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits