Set maximum login attempts HTTPs admin

comsis

Good day.

In order to increase the Firewall security: is it possible?

Or otherwise establish a time limit?

Note: Not over ssh that We always purposely disable.

Thanks a lot for your value ideas and help .

Luis F Morales Z.

Cmellons

@comsis:

Or otherwise establish a time limit?

SYSTEM/USER MANAGER/SETTINGS    To change the amount of time that goes by before the session expires.

For incorrect logins I don't know of a way but then again I've never tested it. There could very well be a trigger in there. You would think that there should be especially if your business network runs off of Pfsense. A disgruntled employee could have a lot of fun in my opinion if he or she has the know how.

jimp

The system tracks failed logins and if there are two many (I believe it's 15 in 5 minutes) then it blocks the offending IP for a couple hours to discourage brute force attacks.