Sign-in attempt error

I’ve been testing signin between different accounts with different profile (contributor, admin, just a member). They all belong to a different email respectively. Now I’m getting a rate-limit error I suppose, as I’m seeing a “Too many different sign-in attempts, try again in 10 minutes” error message.

Does this mean that, in the case where there’re huge traffic to our blog where users try to sign in as contributors/members, they might face this issue of having to wait for cooldown?

Also, if I’m using one of the standard themes (e.g. headline). Is it possible for me to update the default account modal display such that I can show different fields? and how could Ghost save this field? It would be nice to be able to custom add a field even with standard themes.

Thank you.

The rate limit takes the IP address into account, that’s why it got triggered in your case.

In case of traffic on your site, this should not affect individual users, unless they share an IP address.

If you’re self hosting your site and/or have a reverse proxy in front of it, make sure that the client IP is passed through, rather than the proxy IP, then you should be good. The managed hosting options should do this out of the box.

1 Like