Does RabbitMQ support a method blocking brute force attacks?

[Junsu Jia]

For security, we need a method blocking brute force attacks, but I haven't found any information in RabbitMQ docs.

Does RabbitMQ support a method blocking brute force attacks?

[Michael Klishin]

 It throttles publishers when alarms are in effect or some internal parts of the broker do not keep up
with publishers:

https://www.rabbitmq.com/alarms.html
https://www.rabbitmq.com/memory.html
https://www.rabbitmq.com/disk-alarms.html
https://www.rabbitmq.com/connection-blocked.html
https://www.rabbitmq.com/blog/2015/10/06/new-credit-flow-settings-on-rabbitmq-3-5-5/

What specifically do you mean by "method blocking"? You can block all connections
that publish messages by setting memory watermark to a very low value (e.g. 1 MB). 

> --
> You received this message because you are subscribed to the Google Groups "rabbitmq-users"
> group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
> To post to this group, send an email to rabbitm...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

--
MK

Staff Software Engineer, Pivotal/RabbitMQ

[Junsu Jia]

Sorry for I mistaken describe.

If someone is using brute force to get our password of RabbitMQ, we need to block the user or reject its connections.

Does the server support that?

在 2016年3月25日星期五 UTC+8上午2:15:53，Michael Klishin写道：

[Michael Klishin]

No but failed authentication attempts are logged.

To post to this group, send email to rabbitm...@googlegroups.com.