Anti-Abuse for servers at authentication time

View on GitHub

Weakforced Documentation

Welcome to the documentation site for weakforced. Weakforced is an open-souce anti-abuse engine for authentication systems, acting as a policy decision point for email systems, web portals and any other type of system that is open to authentication abuse on the Internet. Weakforced is in production at sites hosting email for over 20 million customers, so it scales extremely well.

Here you will find all the manpages for weakforced, which are the primary documentation source. You’ll also find an overview of the main features.

These pages are for detailed technical documentation; for details about building, getting started, and testing see the main repo README.

To see documentation on the wforce docker image, go here

Go here for release information.

Wforce Daemon

The wforce daemon is the main point of integration with authentication systems, and several products are pre-integrated with it, including Dovecot and OX AppSuite.

Main Features

Trackalert Daemon

The trackalert daemon provides a mechanism to run arbitrary Lua code based on either a wforce “report” event and/or on a scheduled basis. This is often used to trigger lookups into databases such as Elasticsearch to find anomalous login events.

Wforce is pre-integrated with trackalert - you can just create a webhook on “report” events, providing the address and authentication details for the trackalert server.