Blacklist

If someone tries to brute force passwords their IP will be blacklisted.

  • The IP will be denied access then un-listed after 24 hours
  • This can be immediately cleared by restarting the Noodle service
  • The feature may be disabled or specific whitelisting entries added from the System Settings > Security section
  • The default threshold (20 failures per minute) may be adjusted  via the BlackList.PerMinuteThreshold option in intranet.conf.
  • One NATed IPv4 user can get many users blacklisted due to shared IP. IPv6 or internal monitoring are the only way to prevent that without disabling blacklisting.