[web-dol-bruteforce]

; rule against bruteforce hacking (login + api)
enabled = true
port    = http,https
filter  = web-dolibarr-rulesbruteforce
logpath = /mypath/documents/documents/dolibarr.log
action  = %(action_mw)s
bantime  = 86400     ; 1 day
findtime = 3600      ; 1 hour
maxretry = 20        ; 20 login error in 1 hour, we ban