TsgcWebSocketFirewall › Methods › RegisterFailedAttempt
Application-level hook that records a failed authentication attempt from the given IP, feeding the BruteForce tracker and potentially triggering an automatic ban.
procedure RegisterFailedAttempt(const aIP: string);| Name | Type | Description |
|---|---|---|
aIP | const string | IPv4 or IPv6 address of the client whose authentication or protocol-level handshake just failed. |
BruteForce can only track what the application reports. Call RegisterFailedAttempt from any OnAuthentication, OnConnectAuth, JWT-validation or API-key handler when the credentials are rejected. Once MaxAttempts accumulate within BruteForce.TimeWindowSec the IP is automatically banned for BanDurationSec (extended by BanEscalation when enabled). The call also contributes to the threat score via the configured weight.
procedure TForm1.ServerAuthentication(Connection: TsgcWSConnection;
aUser, aPassword: string; var Authenticated: Boolean);
begin
Authenticated := (aUser = 'admin') and (aPassword = 'secret');
if not Authenticated then
sgcWebSocketFirewall1.RegisterFailedAttempt(Connection.IP);
end;