Merge #2932

2932: Add FAQ entry for deleting IPs from rate limiter r=mergify[bot] a=sholl

## What type of PR?

enhancement of documentation

## What does this PR do?

adds an FAQ-entry how to manually delete an IP from rate limiter

### Related issue(s)
- closes #2856 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Stephan Holl <stephan@holl-land.de>
Co-authored-by: Stephan Holl <1610827+sholl@users.noreply.github.com>

docs/configuration.rst

@@ -40,6 +40,8 @@ address.
 The ``WILDCARD_SENDERS`` setting is a comma delimited list of user email addresses
 that are allowed to send emails from any existing address (spoofing the sender).
 
+.. _AUTH Ratelimit:
+
 The ``AUTH_RATELIMIT_IP`` (default: 5/hour) holds a security setting for fighting
 attackers that attempt a password spraying attack. The value defines the limit of
 authentication attempts that will be processed on **distinct** non-existing

docs/faq.rst

@@ -438,6 +438,31 @@ Proceed as following for deleting an user:
 
 .. _`github project`: https://github.com/Mailu/Mailu/
 
+
+How to unblock an IP from rate limiter manually?
+````````````````````````````````````````````````
+
+To manually unblock an IP from the rate limiter do the following on your CLI:
+
+.. code-block:: bash
+
+  # list the limited networks (this is not the IP, but only the network part according to AUTH_RATELIMIT_IP_V4_MASK
+  $ docker compose exec redis redis-cli -n 2 --scan --pattern 'LIMITER/auth-ip/*'
+
+  # remove from rate limiter
+  $ IP=8.8.8.8; docker compose exec redis redis-cli -n 2 --scan --pattern "LIMITER/auth-ip/${IP}/*" \
+  | xargs -r docker compose exec -T redis redis-cli -n 2 DEL
+
+Consider using :ref:`AUTH tokens` for your users. Token-based authentication is exempted from rate limits!
+
+Also have a look at the configuration parameters
+``AUTH_RATELIMIT_EXEMPTION`` and ``AUTH_REQUIRE_TOKENS``. More on
+:ref:`Rate limiting<AUTH Ratelimit>` and :ref:`advanced settings<advanced_settings>`.
+
+*Issue reference:* `2856`_.
+
+.. _`2856`: https://github.com/Mailu/Mailu/issues/2856
+
 Changes in .env don't propagate
 ```````````````````````````````
 

docs/webadministration.rst

@@ -167,6 +167,8 @@ Click the submit button to apply settings. With the default polling interval, fe
 Make sure ``FETCHMAIL_ENABLED`` is set to ``true`` in ``mailu.env`` to enable fetching and showing fetchmail in the admin interface.
 
 
+.. _AUTH tokens:
+
 Authentication tokens
 ---------------------