0
I Use This!
Activity Not Available
Analyzed 9 months ago.

Project Summary

django-axes is a very simple way for you to keep track of failed login attempts, both for the Django admin and for the rest of your site. The name is sort of a geeky pun, since axes can be read interpretted as:

"access", as in monitoring access attempts "axes", as in tools you can use hack (generally on wood). In this case, however, the "hacking" part of it can be taken a bit further: django-axes is intended to help you stop people from hacking (popular media definition) your website. Hilarious, right? That's what I thought too! Requirementsdjango-axes requires Django 1.0 or later. The application is intended to work around the Django admin and the regular django.contrib.auth login-powered pages.

InstallationDownload django-axes using one of the following methods:

easy_installYou can download the package from the CheeseShop or use

easy_install django-axesto download and install django-axes.

Package DownloadDownload the latest .tar.gz file from the downloads section and extract it somewhere you'll remember. Use python setup.py install to install it.

Checkout from MercurialExecute the following command (or use the equivalent function in a GUI such as TortoiseHg), and make sure you're checking django-axes out somewhere on the PYTHONPATH.

hg clone http://django-axes.googlecode.com/hg django-axes
hg clone http://bitbucket.org/codekoala/django-axesCheckout from GitHubExecute the following command, and make sure you're checking django-axes out somewhere on the PYTHONPATH.

git clone git://github.com/codekoala/django-axes.gitVerifying InstallationThe easiest way to ensure that you have successfully installed django-axes is to execute a command such as:

python -c "import axes; print axes.get_version()"If that command completes with some sort of version number, you're probably good to go. If you see error outout, you need to check your installation (I'd start with your PYTHONPATH).

ConfigurationFirst of all, you must add this project to your list of INSTALLED_APPS in settings.py:

INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
...
'axes',
...
)Next, install the FailedLoginMiddleware middleware:

MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'axes.middleware.FailedLoginMiddleware'
)Run manage.py syncdb. This creates the appropriate tables in your database that are necessary for operation.

Customizing AxesYou have a couple options available to you to customize django-axes a bit. These should be defined in your settings.py file.

AXES_LOGIN_FAILURE_LIMIT: The number of login attempts allowed before a record is created for the failed logins. Default: 3 AXES_LOCK_OUT_AT_FAILURE: After the number of allowed login attempts are exceeded, should we lock out this IP (and optional user agent)? Default: True AXES_USE_USER_AGENT: If True, lock out / log based on an IP address AND a user agent. This means requests from different user agents but from the same IP are treated differently. Default: False UsageUsing django-axes is extremely simple. Once you install the application and the middleware, all you need to do is periodically check the Access Attempts section of the admin. A log file is also created for you to keep track of the events surrounding failed login attempts. This log file can be found in your Django project directory, by the name of axes.log. In the future I plan on offering a way to customize options for logging a bit more.

By default, django-axes will lock out repeated attempts from the same IP address. You can allow this IP to attempt again by deleting the relevant AccessAttempt records in the admin.

Tags

auditing authentication django login security

In a Nutshell, django-axes...

 No code available to analyze

Open Hub computes statistics on FOSS projects by examining source code and commit history in source code management systems. This project has no code locations, and so Open Hub cannot perform this analysis

Is this project's source code hosted in a publicly available repository? Do you know the URL? If you do, click the button below and tell us so that Open Hub can generate statistics! It's fast and easy - try it and see!

Add a code location

MIT License
Permitted

Commercial Use

Modify

Distribute

Sub-License

Private Use

Forbidden

Hold Liable

Required

Include Copyright

Include License

These details are provided for information only. No information here is legal advice and should not be used as such.

This Project has No vulnerabilities Reported Against it

Did You Know...

  • ...
    there are over 3,000 projects on the Open Hub with security vulnerabilities reported against them
  • ...
    learn about Open Hub updates and features on the Open Hub blog
  • ...
    in 2016, 47% of companies did not have formal process in place to track OS code
  • ...
    you can embed statistics from Open Hub on your site

 No code available to analyze

Open Hub computes statistics on FOSS projects by examining source code and commit history in source code management systems. This project has no code locations, and so Open Hub cannot perform this analysis

Is this project's source code hosted in a publicly available repository? Do you know the URL? If you do, click the button below and tell us so that Open Hub can generate statistics! It's fast and easy - try it and see!

Add a code location

Community Rating

Be the first to rate this project
Click to add your rating
   Spinner
Review this Project!
Sample ohloh analysis