Product suggestion: blacklist login failure IPs

  • Resolved batteriesInc

    (@batteriesinc)


    5 years, 5 months ago

    Hi,

    Just set up a test website, and within hours I had login attempts from OVH hosted hackers from all over the planet (Montreal, France, Dublin, Lithuania – every single IP address traced back to OVH) before I changed the wp-admin URL.

    What was interesting was that all those logins were for the correct, non-admin user name (! – no idea how that is possible, but that’s for later), something I would not have noticed if it wasn’t for the fact that installing AIOWPS is about the first thing I do (I was just slow going through all the options). However, it also made me realise there is a function that I’d love to see added: the ability to sling the IP addresses of failed login attempts straight into the blacklist.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    In the next update the developers will add the ability to add IP addresses to the Permanent Block List for other sections in the plugin, such as failed logins, 404 list, etc. You can read more about it from the following support thread.

    Let me know if this is what you are referring too.

    Thank you

    Thread Starter batteriesInc

    (@batteriesinc)

    Hi, yes, that appears to cover it, but it does highlight another possible feature request: a possibility to choose the blacklist to be placed in .htaccess instead of it being handled in PHP.

    There are arguments for either, so it would be good if the user had the choice.

    Thanks for the exceptionally quick response!

    Thread Starter batteriesInc

    (@batteriesinc)

    Almost forgot.

    Issue resolved and now marked as such to help your statistics, thank you.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Product suggestion: blacklist login failure IPs’ is closed to new replies.

Tags