Mercurial > p > roundup > code
diff doc/xmlrpc.txt @ 7556:273c8c2b5042
fix(api): - issue2551063 - Rest/Xmlrpc interfaces needs failed login protection.
Failed API login rate limiting with expiring lockout added.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Wed, 19 Jul 2023 20:37:45 -0400 |
| parents | 924b07252412 |
| children | c3a7b1aa06cf |
line wrap: on
line diff
--- a/doc/xmlrpc.txt Tue Jul 18 23:18:09 2023 -0400 +++ b/doc/xmlrpc.txt Wed Jul 19 20:37:45 2023 -0400 @@ -88,6 +88,14 @@ be passed in cleartext unless the server is proxied behind another server (such as Apache or lighttpd) that provides SSL. +Rate Limiting Failed Logins +--------------------------- + +See the `rest documentation +<rest.html#rate-limiting-api-failed-logins>`_ for rate limiting failed +logins on the API. The XML-RPC uses the same method as the REST API. +Rate limiting is shared between the XMLRPC and REST APIs. + Client API ========== The server currently implements seven methods/commands. Each method