diff --git a/admin_manual/configuration_server/config_sample_php_parameters.rst b/admin_manual/configuration_server/config_sample_php_parameters.rst index 54e480ee3c8..cd3dc687462 100644 --- a/admin_manual/configuration_server/config_sample_php_parameters.rst +++ b/admin_manual/configuration_server/config_sample_php_parameters.rst @@ -572,6 +572,24 @@ Disabling this is discouraged for security reasons. Defaults to ``true`` +auth.bruteforce.protection.testing +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + + +:: + + 'auth.bruteforce.protection.testing' => false, + +Whether the bruteforce protection shipped with Nextcloud should be set to testing mode. + +In testing mode bruteforce attempts are still recorded, but the requests do +not sleep/wait for the specified time. They will still abort with +"429 Too Many Requests" when the maximum delay is reached. +Enabling this is discouraged for security reasons +and should only be done for debugging and on CI when running tests. + +Defaults to ``false`` + ratelimit.protection.enabled ^^^^^^^^^^^^^^^^^^^^^^^^^^^^