Tip of the day: If you still have users on plaintext port 6667, consider enabling Strict Transport Security to gently move users to SSL/TLS on port 6697.

Require authentication block

From UnrealIRCd documentation wiki
(Redirected from Require sasl block)
Jump to navigation Jump to search

The require authentication block allows you to specify IP/hosts of users that need to authenticate to a valid services account during connecting. This could, for example, be used to ban an ISP that is known for troublemakers, while still allowing legit users in from that IP if they have a valid account. Or, it can be used to simply require authentication for all users.

Authentication by the user is done either by using SASL (the recommended method) or via authprompt that will ask non-SASL users to authenticate interactively by typing /AUTH nickname:password.

Syntax

require authentication {
	mask <hostmask>;
	reason <reason-for-ban>;
};

The mask is a user/hostmask and the reason is the reason for the requirement. The reason is shown when the user is trying to connect without authentication.

Note that require authentication blocks configures a local requirement. The user may still connect to other servers on the network.

Example

Simple example

require authentication {
	mask *@*.tld;
	reason "Too many abusers from this country, please authenticate";
};

Similar functionality

The same can be achieved online (on IRC) by adding a "soft kline": 

/KLINE %*@*.tld Too many abusers from this country, please authenticate

The % prefix (percent symbol) will make it only ban unauthenticated users.

See also the Authentication article for all the different ways and possibilities to force authentication.

Retrieved from "https://www.unrealircd.org/docwiki/index.php?title=Require_authentication_block&oldid=13943"