BlackRed is a dynamic blacklisting library using Redis as a fast and reliable storage backend.
Example: A user tries to log on a system and fails because of bad credentials or an inactivated account. This failure can be recorded with BlackRed. After three failures within a certain time the account gets locked for an extended period of time. This limits brute force attacks. All time periods are configurable.
In a desktop application you would record the username in question with BlackRed. In a web environment, the requester's IP address would be the perfect.
In the redis database, two lists are kept: A watchlist that records the failures, and the blacklist that contains blocked items.
- Author: Juergen Edelbluth, https://juergen.rocks/, @JuergenRocks
- Build Status: https://travis-ci.org/edelbluth/blackred
- Project Homepage: https://github.com/edelbluth/blackred
- Documentation: https://blackred.readthedocs.org/index.html
- PyPi Page: https://pypi.python.org/pypi/blackred
- German Description: https://juergen.rocks/art/mit-blackred-benutzer-logins-absichern.html
Copyright 2016 Juergen Edelbluth
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
See LICENSE.txt for complete License Text