You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Similar to #507 - the path protection rate limiting doesn't currently work for admin paths, since there is no plugin for the admin request dispatcher.
Primary use case from my POV is submission of OTP codes to the Magento_TwoFactorAuth module (bruteforce prevention).
Should be a reasonably easy fix, but will be a little harder than just adding 3 lines of di.xml like in the graphql case, since the adminhtml area doesn't use the same entrypoint and so there will be some duplication into a suitably-located plugin or some refactoring such that all area codes are covered.
The text was updated successfully, but these errors were encountered:
Similar to #507 - the path protection rate limiting doesn't currently work for admin paths, since there is no plugin for the admin request dispatcher.
Primary use case from my POV is submission of OTP codes to the Magento_TwoFactorAuth module (bruteforce prevention).
Should be a reasonably easy fix, but will be a little harder than just adding 3 lines of di.xml like in the graphql case, since the adminhtml area doesn't use the same entrypoint and so there will be some duplication into a suitably-located plugin or some refactoring such that all area codes are covered.
The text was updated successfully, but these errors were encountered: