For security purposes, SmarterStats limits the number of times a user can attempt to log in without success. By default, users are temporarily locked out of their account after 10 failed login attempts and will remain locked out for five minutes. System administrators can alter these settings by editing the web.config file.
Follow these steps to modify the default values for brute force detection:
- Open the web.config file in Notepad. By default, this file can be found in C:\Program Files\SmarterTools\SmarterStats\MRS.
- To edit the number of attempts before block, look for this line of code:
<add key="Login.BruteForceDetection.TriesBeforeBlock" value="10" />
- Edit the value to reflect the number of failed attempts the user can make before the block is implemented.
- To edit the block time, look for this line of code:
<add key="Login.BruteForceDetection.BlockTime" value="5"/>
- Edit the value to reflect the amount of time, in minutes, that the block is maintained.
For more information about SmarterStats, please refer to the SmarterStats Online Help.
Learn more about SmarterStats, one of the best Google Analytics alternatives.