Skip to content
  • Rob Swindell's avatar
    1e9d5c2c
    Treat every login failure with no password available as unique · 1e9d5c2c
    Rob Swindell authored 
    When loginFailure() is called with NULL for the password argument, that indicates there was no password available (e.g. an aborted login attempt) - treat each of these as a unique (not duplicate) failed-login attempt. This'll trigger ban/filter thresholds sooner for clients that hammer servers and disconnect mid-login.
    1e9d5c2c
    Treat every login failure with no password available as unique
    Rob Swindell authored 
    When loginFailure() is called with NULL for the password argument, that indicates there was no password available (e.g. an aborted login attempt) - treat each of these as a unique (not duplicate) failed-login attempt. This'll trigger ban/filter thresholds sooner for clients that hammer servers and disconnect mid-login.