By default:
A given IP address can only send 5 login attempts per minute. This is to protect against brute force attacks.
A user is locked out of Fabricate after 5 failed login attempts. Fabricate then sends an email message with instructions on how to unlock their account.
To customize these options for a self-hosted instance, in .env, set the following environment variables:
FABRICATE_MAX_LOGIN_ATTEMPTS_PER_MINUTE= # Maximum times per minute that an IP address can attempt to log into Fabricate. Default: 5
FABRICATE_MAX_LOGIN_ATTEMPTS= # Number of failed login attempts before lockout. Default: 5Last updated
Was this helpful?
Was this helpful?