From 929c3d4477547f8d70ed99e1bb4b89ea6d22cb5e Mon Sep 17 00:00:00 2001
From: NI <nirui@gmx.com>
Date: Wed, 14 Aug 2019 17:25:00 +0800
Subject: [PATCH] Add a delay inside the key verification process.

---
 application/controller/socket.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/application/controller/socket.go b/application/controller/socket.go
index a10fa32..cfe59d5 100644
--- a/application/controller/socket.go
+++ b/application/controller/socket.go
@@ -189,6 +189,10 @@ func (s socket) Head(
 		return ErrSocketAuthFailed
 	}
 
+	// Delay the brute force attack. Use it with connection limits (via
+	// iptables or nginx etc)
+	time.Sleep(500 * time.Millisecond)
+
 	decodedKey, decodedKeyErr := base64.StdEncoding.DecodeString(key)
 
 	if decodedKeyErr != nil {