feature request: Is it possible to set rate limitation on user login?

Open weathon opened this issue 2 years ago • 3 comments

So that we can block possible brute force password cracking

Jun 06 '23 01:06 weathon

For Logto Cloud we've setup firewalls. For Logto OSS we do have a plan on enhanced security on 23H2.

Jun 09 '23 03:06 gao-sun

This will be at least somewhat solved with #1751 (depending on the implementation) For now you could set up your own limiting rules with the reverse proxy of your choice

Jun 11 '23 20:06 Tc-001

We are implementing a default rate limiter. Customization may come later.

Sep 01 '23 15:09 gao-sun