{ "info": { "author": "GRAP, Tecnativa, Odoo Community Association (OCA)", "author_email": "support@odoo-community.org", "bugtrack_url": null, "classifiers": [ "Framework :: Odoo", "License :: OSI Approved :: GNU Affero General Public License v3", "Programming Language :: Python" ], "description": ".. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg\n :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html\n :alt: License: AGPL-3\n\n===============================================================\nTracks Authentication Attempts and Prevents Brute-force Attacks\n===============================================================\n\nThis module registers each request done by users trying to authenticate into\nOdoo. If the authentication fails, a counter is increased for the given remote\nIP. After a defined number of attempts, Odoo will ban the remote IP and\nignore new requests.\nThis module applies security through obscurity\n(https://en.wikipedia.org/wiki/Security_through_obscurity),\nWhen a user is banned, the request is now considered as an attack. So, the UI\nwill **not** indicate to the user that his IP is banned and the regular message\n'Wrong login/password' is displayed.\n\nThis module realizes a call to a web API (http://ip-api.com) to try to have\nextra information about remote IP.\n\nConfiguration\n=============\n\nYou can use these configuration parameters that control this addon behavior:\n\n* ``auth_brute_force.whitelist_remotes`` is a comma-separated list of\n whitelisted IPs. Failures from these remotes are ignored.\n\n* ``auth_brute_force.max_by_ip`` defaults to 50, and indicates the maximum\n successive failures allowed for an IP. After hitting the limit, the IP gets\n banned.\n\n* ``auth_brute_force.max_by_ip_user`` defaults to 10, and indicates the\n maximum successive failures allowed for any IP and user combination.\n After hitting the limit, that user and IP combination is banned.\n\nUsage\n=====\n\nAdmin user have the possibility to unblock a banned IP.\n\nLogging\n-------\n\nThis module generates some WARNING logs, in the following cases:\n\n* When the IP limit is reached: *Authentication failed from remote 'x.x.x.x'.\n The remote has been banned. Login tried: xxxx.*\n\n* When the IP+user combination limit is reached:\n *Authentication failed from remote 'x.x.x.x'.\n The remote and login combination has been banned. Login tried: xxxx.*\n\nScreenshot\n----------\n\n**List of Attempts**\n\n.. image:: /auth_brute_force/static/description/screenshot_attempts_list.png\n\n\n.. image:: https://odoo-community.org/website/image/ir.attachment/5784_f2813bd/datas\n :alt: Try me on Runbot\n :target: https://runbot.odoo-community.org/runbot/149/11.0\n\nFor further information, please visit:\n\n* https://www.odoo.com/forum/help-1\n\nKnown issues / Roadmap\n======================\n\n* Remove \ud83d\udc12 patch for https://github.com/odoo/odoo/issues/24183 in v12.\n\n* Depending of server and / or user network configuration, the idenfication\n of the user can be wrong, and mainly in the following cases:\n\n * If the Odoo server is behind an Apache / NGinx proxy and it is not properly\n configured, all requests will use the same IP address. Blocking such IP\n could render Odoo unusable for all users! **Make sure your logs output the\n correct IP for werkzeug traffic before installing this addon.**\n\n* The IP metadata retrieval should use a better system. `See details here\n `_.\n\nBug Tracker\n===========\n\nBugs are tracked on `GitHub Issues\n`_. In case of trouble, please\ncheck there if your issue has already been reported. If you spotted it first,\nhelp us smash it by providing detailed and welcomed feedback.\n\nCredits\n=======\n\nContributors\n------------\n\n* Sylvain LE GAL (https://twitter.com/legalsylvain)\n* David Vidal \n* Jairo Llopis \n\nMaintainer\n----------\n\n.. image:: https://odoo-community.org/logo.png\n :alt: Odoo Community Association\n :target: https://odoo-community.org\n\nThis module is maintained by the OCA.\n\nOCA, or the Odoo Community Association, is a nonprofit organization whose\nmission is to support the collaborative development of Odoo features and\npromote its widespread use.\n\nTo contribute to this module, please visit https://odoo-community.org.\n\n\n", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/OCA/server-tools", "keywords": "", "license": "AGPL-3", "maintainer": "", "maintainer_email": "", "name": "odoo11-addon-auth-brute-force", "package_url": "https://pypi.org/project/odoo11-addon-auth-brute-force/", "platform": "", "project_url": "https://pypi.org/project/odoo11-addon-auth-brute-force/", "project_urls": { "Homepage": "https://github.com/OCA/server-tools" }, "release_url": "https://pypi.org/project/odoo11-addon-auth-brute-force/11.0.1.1.0/", "requires_dist": [ "odoo (<11.1dev,>=11.0a)" ], "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*", "summary": "Track Authentication Attempts and Prevent Brute-force Attacks", "version": "11.0.1.1.0" }, "last_serial": 4920504, "releases": { "11.0.1.0.0": [ { "comment_text": "", "digests": { "md5": "f22e8fdbeb06c61c3d2ec8f6ae2c07ff", "sha256": "968eb8e6edc94e2fa70be6585e2102731cf66c4f0d224f5d9fc240e09579790e" }, "downloads": -1, "filename": "odoo11_addon_auth_brute_force-11.0.1.0.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "f22e8fdbeb06c61c3d2ec8f6ae2c07ff", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*", "size": 141334, "upload_time": "2018-05-27T04:32:52", "url": "https://files.pythonhosted.org/packages/0f/dc/c20610f99e07bab0d8ace502b39fc0cbc4073db22aec8654b58f4397c80b/odoo11_addon_auth_brute_force-11.0.1.0.0-py2.py3-none-any.whl" } ], "11.0.1.1.0": [ { "comment_text": "", "digests": { "md5": "ad29cea7ad4f1d1bdb57cdc20810c22b", "sha256": "20884adb2b82b3476369e548510df67d46cefcaf113ea0e982b27d2944fa1892" }, "downloads": -1, "filename": "odoo11_addon_auth_brute_force-11.0.1.1.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "ad29cea7ad4f1d1bdb57cdc20810c22b", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*", "size": 141301, "upload_time": "2018-05-29T04:32:25", "url": "https://files.pythonhosted.org/packages/3a/6e/e47f07662539df68842ee4b5bb0ccf39a8accc6f7431146dab0f9f321736/odoo11_addon_auth_brute_force-11.0.1.1.0-py2.py3-none-any.whl" } ], "11.0.1.2.0.99.dev10": [ { "comment_text": "", "digests": { "md5": "a453f758f364808d22fea36a36e0c4b8", "sha256": "bdef26e5472afa4397656e12596ff1ad2b0b423c726ef46cea243e18dc91bf49" }, "downloads": -1, "filename": "odoo11_addon_auth_brute_force-11.0.1.2.0.99.dev10-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "a453f758f364808d22fea36a36e0c4b8", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*", "size": 139108, "upload_time": "2018-10-06T13:10:48", "url": "https://files.pythonhosted.org/packages/5e/fe/df254567809245fd37a318e97a1964d03710079ca269f5409b64c948cc6b/odoo11_addon_auth_brute_force-11.0.1.2.0.99.dev10-py2.py3-none-any.whl" } ], "11.0.1.2.0.99.dev11": [ { "comment_text": "", "digests": { "md5": "ba0feabe98fe218271de64cbbfa5b251", "sha256": "ac0423550a125d21e7b7471d8d040742eaaff0c840b3d61124eb3680e24596fa" }, "downloads": -1, "filename": "odoo11_addon_auth_brute_force-11.0.1.2.0.99.dev11-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "ba0feabe98fe218271de64cbbfa5b251", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*", "size": 135623, "upload_time": "2018-12-13T05:33:54", "url": "https://files.pythonhosted.org/packages/4e/a2/cbb2e3b0644b48e8a7dcc11605569cff5283253a851643f714b4797052c6/odoo11_addon_auth_brute_force-11.0.1.2.0.99.dev11-py2.py3-none-any.whl" } ], "11.0.1.2.0.99.dev12": [ { "comment_text": "", "digests": { "md5": "3a3dfde8b73112964068911c3574aa56", "sha256": "f505b54ee93b6a9fbd1b304536f5c3326ddacdd59e3de30f190f8276bd2ef9c4" }, "downloads": -1, "filename": "odoo11_addon_auth_brute_force-11.0.1.2.0.99.dev12-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "3a3dfde8b73112964068911c3574aa56", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*", "size": 136045, "upload_time": "2019-03-10T05:34:17", "url": "https://files.pythonhosted.org/packages/24/15/9aaa57804138b1acebd53a20a3504cac085db71b1d90420da5c5d6db04a1/odoo11_addon_auth_brute_force-11.0.1.2.0.99.dev12-py2.py3-none-any.whl" } ], "11.0.1.2.0.99.dev9": [ { "comment_text": "", "digests": { "md5": "5bcb59f881a035d9d85e5a7f436720d6", "sha256": "75aafc2e90a321b09ddfdfd2654e2cd84c8493507f43e4abc478d432555b9f1e" }, "downloads": -1, "filename": "odoo11_addon_auth_brute_force-11.0.1.2.0.99.dev9-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "5bcb59f881a035d9d85e5a7f436720d6", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*", "size": 141969, "upload_time": "2018-06-12T04:32:31", "url": "https://files.pythonhosted.org/packages/bb/bb/37ea41077186ca89ca39344ebbf8a64ba51ec78f19ac22a4b0393f9992e7/odoo11_addon_auth_brute_force-11.0.1.2.0.99.dev9-py2.py3-none-any.whl" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "ad29cea7ad4f1d1bdb57cdc20810c22b", "sha256": "20884adb2b82b3476369e548510df67d46cefcaf113ea0e982b27d2944fa1892" }, "downloads": -1, "filename": "odoo11_addon_auth_brute_force-11.0.1.1.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "ad29cea7ad4f1d1bdb57cdc20810c22b", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*", "size": 141301, "upload_time": "2018-05-29T04:32:25", "url": "https://files.pythonhosted.org/packages/3a/6e/e47f07662539df68842ee4b5bb0ccf39a8accc6f7431146dab0f9f321736/odoo11_addon_auth_brute_force-11.0.1.1.0-py2.py3-none-any.whl" } ] }