mirror of
https://github.com/postgres/postgres.git
synced 2025-05-28 05:21:27 +03:00
3c49c6facb
Since some preparation work had already been done, the only source changes left were changing empty-element tags like <xref linkend="foo"> to <xref linkend="foo"/>, and changing the DOCTYPE. The source files are still named *.sgml, but they are actually XML files now. Renaming could be considered later. In the build system, the intermediate step to convert from SGML to XML is removed. Everything is build straight from the source files again. The OpenSP (or the old SP) package is no longer needed. The documentation toolchain instructions are updated and are much simpler now. Peter Eisentraut, Alexander Lakhin, Jürgen Purtz
66 lines
1.6 KiB
Plaintext
66 lines
1.6 KiB
Plaintext
<!-- doc/src/sgml/auth-delay.sgml -->
|
|
|
|
<sect1 id="auth-delay" xreflabel="auth_delay">
|
|
<title>auth_delay</title>
|
|
|
|
<indexterm zone="auth-delay">
|
|
<primary>auth_delay</primary>
|
|
</indexterm>
|
|
|
|
<para>
|
|
<filename>auth_delay</filename> causes the server to pause briefly before
|
|
reporting authentication failure, to make brute-force attacks on database
|
|
passwords more difficult. Note that it does nothing to prevent
|
|
denial-of-service attacks, and may even exacerbate them, since processes
|
|
that are waiting before reporting authentication failure will still consume
|
|
connection slots.
|
|
</para>
|
|
|
|
<para>
|
|
In order to function, this module must be loaded via
|
|
<xref linkend="guc-shared-preload-libraries"/> in <filename>postgresql.conf</filename>.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Configuration Parameters</title>
|
|
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term>
|
|
<varname>auth_delay.milliseconds</varname> (<type>int</type>)
|
|
<indexterm>
|
|
<primary><varname>auth_delay.milliseconds</varname> configuration parameter</primary>
|
|
</indexterm>
|
|
</term>
|
|
<listitem>
|
|
<para>
|
|
The number of milliseconds to wait before reporting an authentication
|
|
failure. The default is 0.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
|
|
<para>
|
|
These parameters must be set in <filename>postgresql.conf</filename>.
|
|
Typical usage might be:
|
|
</para>
|
|
|
|
<programlisting>
|
|
# postgresql.conf
|
|
shared_preload_libraries = 'auth_delay'
|
|
|
|
auth_delay.milliseconds = '500'
|
|
</programlisting>
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Author</title>
|
|
|
|
<para>
|
|
KaiGai Kohei <email>kaigai@ak.jp.nec.com</email>
|
|
</para>
|
|
</sect2>
|
|
|
|
</sect1>
|