Andrew Bogott has uploaded a new change for review.
https://gerrit.wikimedia.org/r/322207
Change subject: Wikitech: Increase login throttle limits x4
......................................................................
Wikitech: Increase login throttle limits x4
Hopefully high enough that labslogbot won't get punished
so much, but low enough that we aren't introducing new
ddos opportunities.
Bug: T150373
Change-Id: Ia9c90e8c98825ccb21145380098c32f2246f6843
---
M wmf-config/CommonSettings.php
1 file changed, 9 insertions(+), 0 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/mediawiki-config
refs/changes/07/322207/1
diff --git a/wmf-config/CommonSettings.php b/wmf-config/CommonSettings.php
index e348553..6bf889d 100644
--- a/wmf-config/CommonSettings.php
+++ b/wmf-config/CommonSettings.php
@@ -2691,6 +2691,15 @@
$wgCookieDomain = "labtestwikitech.wikimedia.org"; // TODO: Is
this really necessary?
}
+ $wgPasswordAttemptThrottle = [
+ // Short term limit
+ [ 'count' => 20, 'seconds' => 300 ],
+ // Long term limit. We need to balance the risk
+ // of somebody using this as a DoS attack to lock someone
+ // out of their account, and someone doing a brute force attack.
+ [ 'count' => 600, 'seconds' => 60*60*48 ],
+ ];
+
// Some settings specific to wikitech's extensions
include( "$wmfConfigDir/wikitech.php" );
}
--
To view, visit https://gerrit.wikimedia.org/r/322207
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia9c90e8c98825ccb21145380098c32f2246f6843
Gerrit-PatchSet: 1
Gerrit-Project: operations/mediawiki-config
Gerrit-Branch: master
Gerrit-Owner: Andrew Bogott <abog...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
