Require authentication block

The require authentication block allows you to specify IP/hosts of users that need to authenticate to a valid services account during connecting. This could, for example, be used to ban an ISP that is known for troublemakers, while still allowing legit users in from that IP if they have a valid account. Or, it can be used to simply require authentication for all users.

Authentication by the user is done either by using SASL (the recommended method) or via authprompt that will ask non-SASL users to authenticate interactively by typing.

Syntax
require authentication { mask ; reason ; };

The mask is a wildcard string of a user@host to ban and the reason is the reason for the requirement. The reason is shown when the user is trying to connect without authentication.

Note that require authentication blocks configures a local requirement. The user may still connect to other servers on the network.

Example
require authentication { mask *@*.tld; reason "Too many abusers from this country, please authenticate"; };

Similar functionality
The same can be achieved online (on IRC) by adding a "soft kline": /KLINE %*@*.tld Too many abusers from this country, please authenticate The % prefix (percent symbol) will make it only ban unauthenticated users.

See also the Authentication article for all the different ways and possibilities to force authentication.