IntruderAttempts

Minimum version required

These directives require EZproxy 3.0a GA (2004-08-02) or later. These directives were replaced by IntruderIPAttempts in EZproxy 3.6c GA (2006-03-10) and later.

Overview

IntruderAttempts and IntruderTimeout are position-independent config.txt/ezproxy.cfg directives that typically appears toward the top. These directives are used to enable intruder detection to enhance EZproxy security.

Sample Usage

IntruderAttempts 20
IntruderTimeout 300

In this example, if someone tries to login to EZproxy with invalid information more than 20 times within a 300 second (5 minute) interval from the same IP address, EZproxy will start evading further login attempts and will note the intrusion attempt to messages.txt/ezproxy.msg. If 300 seconds (5 minutes) pass with no further login attempts, EZproxy clears the intrusion status and allows login from this IP address again.