PHPackages aertmann/brute-force - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. aertmann/brute-force ActiveNeos-package[Security](/categories/security) aertmann/brute-force ==================== Simple brute-force prevention (account locking) for Flow 3.0.0(3y ago)51.3k—0%2MITPHP Since May 4Pushed 3y ago2 watchersCompare [ Source](https://github.com/aertmann/brute-force)[ Packagist](https://packagist.org/packages/aertmann/brute-force)[ RSS](/packages/aertmann-brute-force/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (5)Dependencies (2)Versions (6)Used By (0) AE.BruteForce ============= [](#aebruteforce) [![Scrutinizer Code Quality](https://camo.githubusercontent.com/85c94c90dc9fc11224f6855e533c1fd7f9055ce15d1cdf51252fef2f42e0d23a/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f616572746d616e6e2f62727574652d666f7263652f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/aertmann/brute-force/?branch=master)[![Latest Stable Version](https://camo.githubusercontent.com/ffa2bd573bb528e73f28050a9d142accf11f8126dad60af27ad129d3863fdc5e/68747470733a2f2f706f7365722e707567782e6f72672f616572746d616e6e2f62727574652d666f7263652f762f737461626c65)](https://packagist.org/packages/aertmann/brute-force)[![Total Downloads](https://camo.githubusercontent.com/c4861de95b160c06aa68a6864a9c50777b10d9ef96db624874c858db4fbfcbbc/68747470733a2f2f706f7365722e707567782e6f72672f616572746d616e6e2f62727574652d666f7263652f646f776e6c6f616473)](https://packagist.org/packages/aertmann/brute-force)[![License](https://camo.githubusercontent.com/7b55080995ca0e3698672fe04d5db562c5b6e2aa3cfb24bc73c55df7f14e7c80/68747470733a2f2f706f7365722e707567782e6f72672f616572746d616e6e2f62727574652d666f7263652f6c6963656e7365)](https://packagist.org/packages/aertmann/brute-force) Introduction ------------ [](#introduction) This package provides simple brute-force prevention (account locking) for Neos/Flow. A notification email can be send to an administrator when an account has been locked. Compatible with Neos 3.x or later / Flow 4.x or later (tested until 7.3) Be aware that there are ways to circumvent this protection and it can be misused, see [Blocking Brute Force Attacks](https://www.owasp.org/index.php/Blocking_Brute_Force_Attacks) for more information. Note that the threshold is disabled in development context by default. To override it, create a `Settings.yaml`configuration file inside a `Development` folder inside a `Configuration` folder. Installation ------------ [](#installation) `composer require "aertmann/brute-force:~2.0"` Configuration ------------- [](#configuration) Failed attempts threshold and notification mail can be configured in [`Settings.yaml`](Configuration/Settings.yaml). ### Health Score 34 — LowBetter than 77% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity24 Limited adoption so far Community11 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor1 Top contributor holds 92.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~637 days Total 5 Last Release 1109d ago Major Versions 1.0.2 → 2.0.02018-08-22 2.0.0 → 3.0.02023-04-26 ### Community Maintainers ![](https://www.gravatar.com/avatar/c819857c685a2d64de5663053737334fbff05bfa2ad6d353435e9b5c3f6257a0?d=identicon)[aertmann](/maintainers/aertmann) --- Top Contributors [![aertmann](https://avatars.githubusercontent.com/u/903567?v=4)](https://github.com/aertmann "aertmann (12 commits)")[![Benjamin-K](https://avatars.githubusercontent.com/u/3098031?v=4)](https://github.com/Benjamin-K "Benjamin-K (1 commits)") --- Tags securityflowNeosbrute force ### Embed Badge ![Health badge](/badges/aertmann-brute-force/health.svg) ``` [![Health](https://phpackages.com/badges/aertmann-brute-force/health.svg)](https://phpackages.com/packages/aertmann-brute-force) ``` ### Alternatives [phpseclib/phpseclib PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. 5.6k434.8M1.3k](/packages/phpseclib-phpseclib)[defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M212](/packages/defuse-php-encryption)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M112](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[spatie/laravel-csp Add CSP headers to the responses of a Laravel app 8519.6M19](/packages/spatie-laravel-csp)[maba/gentle-force-bundle Symfony bundle that integrates gentle-force library for limiting both brute-force attempts and ordinary requests, using leaky/token bucket algorithm, based on Redis 53517.6k1](/packages/maba-gentle-force-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)