Firewall
The firewall is a security feature that allows you to restrict access to your API.
#
Login throttlingLogin throttling is a security feature that allows you to restrict the number of login attempts within a given time frame. This is enabled by default and limited to 5 attempts per 15 minutes using the SlidingWindowStrategy.
Login Throttling can be configured in etc/config/security.yaml
:
Login throttling can not be disabled. If you want to disable login throttling (not recommended), just use a very high number of max attempts.
The lock will automatically be released after 15 minutes, or sooner if some tokens expire sooner. Each token will be released after 15 minutes.