Soft lock for Basic Auth
Maxim Dounin
mdounin at mdounin.ru
Fri Aug 31 17:36:09 UTC 2012
Hello!
On Tue, Aug 28, 2012 at 08:13:28PM +0530, Quintin Par wrote:
> Hi all,
>
> Is it possible to apply a soft lock timeout on invalid password attempts
> for
>
>
>
> auth_basic "Login";
>
> auth_basic_user_file /etc/.htpasswd;
As far as I understand the question, something like this should
work:
error_page 401 /401.html;
location = /401.html {
delay 1s;
}
Where the "delay" directive is added by a trivial module from [1].
(It may be equally done e.g. with embedded perl, or with
limit_req, but it's usually a good idea to keep things simple.)
[1] http://mdounin.ru/hg/ngx_http_delay_module
Maxim Dounin
More information about the nginx
mailing list