RDS-WebAccess Security Add-On
RDS-WebAccess Security Add-On is available as an Add-On on RDS-WebAccess AdminTool since the 11.40 release and is available on the Add-Ons tab of the 12 version:
You can find its full documentation on this page.
The brute-force attack defender enables you to protect your public server from hackers, network scanners and brute-force robots that try to guess your Administrator login and password. Using current logins and password dictionaries, they will automatically try to login to your server hundreds to thousands times every minute. Learn more about this feature on this page.
On the Web Portal
Brute-force attacks on the Web Portal are blocked when users enter wrong credentials.
After 10 attempts during a period of 10 minutes, the Web Portal will prohibit the user to logon for 20 minutes:
These are the default settings which are customizable on the hb.exe.config file located on the RDS-WebAccess folder:
RDS-WebAccess\Clients\www\cgi-bin\hb.exe.config in the "appSettings" paragraph.
You can check all blocked connections and logs on the Brute-Force Defender tile of RDS-WebAccess Security Add-On Ultimate Protection:
This functionality is visible and active after the first Web Portal connection.