Keep track of failed login attempts in Django-powered sites.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dependabot[bot] 6013b1e9fb Bump tox from 3.25.0 to 3.25.1 7 days ago
.github Bump actions/setup-python from 3 to 4 3 weeks ago
axes Added Arabic translations 1 month ago
docs #897: Bugfix with wrong display of default value in docs 1 month ago
tests Migrate MD5 hashing to SHA256 2 months ago
.gitignore Add .vscode to .gitignore 1 year ago
.pre-commit-config.yaml Add .pre-commit-config.yaml 9 months ago
.prospector.yaml Rename pep8 to pycodestyle 2 months ago
CHANGES.rst Version 5.35.0 1 month ago Jazzband: Created local '' from remote '' 9 months ago
LICENSE Update author and licence information 3 years ago
README.rst Add supported Python and Django badges to README.rst 1 year ago
codecov.yml Raise minimum test coverage to 90% 3 years ago Move tests outside project source folder 2 years ago
mypy.ini Drop Python 3.5 support 3 years ago
pyproject.toml Adjust version matrix for testing 2 months ago
requirements-qa.txt Bump black from 22.3.0 to 22.6.0 1 week ago
requirements-test.txt Bump coverage from 6.4 to 6.4.1 1 month ago
requirements.txt Bump tox from 3.25.0 to 3.25.1 7 days ago Adjust package version requirements 6 months ago





PyPI release

Supported Python versions

Supported Django versions


GitHub Actions


Axes is a Django plugin for keeping track of suspicious login attempts for your Django based website and implementing simple brute-force attack blocking.

The name is sort of a geeky pun, since it can be interpreted as:

  • access, as in monitoring access attempts, or
  • axes, as in tools you can use to hack (generally on wood).


Axes records login attempts to your Django powered site and prevents attackers from attempting further logins to your site when they exceed the configured attempt limit.

Axes can track the attempts and persist them in the database indefinitely, or alternatively use a fast and DDoS resistant cache implementation.

Axes can be configured to monitor login attempts by IP address, username, user agent, or their combinations.

Axes supports cool off periods, IP address whitelisting and blacklisting, user account whitelisting, and other features for Django access management.


For more information on installation and configuration see the documentation at:


If you have questions or have trouble using the app please file a bug report at:


All contributions are welcome!

It is best to separate proposed changes and PRs into small, distinct patches by type so that they can be merged faster into upstream and released quicker.

One way to organize contributions would be to separate PRs for e.g.

  • bugfixes,
  • new features,
  • code and design improvements,
  • documentation improvements, or
  • tooling and CI improvements.

Merging contributions requires passing the checks configured with the CI. This includes running tests and linters successfully on the currently officially supported Python and Django versions.

The test automation is run automatically with GitHub Actions, but you can run it locally with the tox command before pushing commits.

Please note that this is a Jazzband project. By contributing you agree to abide by the Contributor Code of Conduct and follow the guidelines.