RFE Per Counter Reset
HadiJadallah opened this issue · comments
Hadi J commented
Thank you for your smart and hard work.
Per the title.
Scenario:
We have rules to limit the login endpoint per minute, hour, and day for many reasons.
One reason being to deter brute force attacks on the login page.
Request:
If a legitimate client logs in successfully, after some failed attempts, the ability to reset the Daily counter would prevent problems.
Waiting an hour is not a big deal, waiting a day can be problematic.
Yes we can increase the daily counter limit, but the ability to reset the counter under other scenarios, conditions, would be more productive than to change / reload the rules.
Thank you