Blocking User Name – Black List

  • Resolved mwarbinek

    (@mwarbinek)


    8 years, 7 months ago

    In the options page, we can list out the user names that we want blocked on first attempt, which is to thwart the hackers from returning each time with a different IP to force repeated entries using the same user name and different passwords.

    Here is the question.

    Is this list “Case sensitive”?
    Example: Is “admin” different from “Admin” or “ADMIN”?

    https://www.ads-software.com/plugins/wordfence/

Viewing 5 replies - 1 through 5 (of 5 total)

  • Hello Mark,
    it’s case insensitive. Strings are converted to lowercase before they are compared.

    Thread Starter mwarbinek

    (@mwarbinek)

    Thanks for the reply. I just wish to understand what you said, when you said the strings are converted to lowercase before they are compared.

    How does that translate to a user name shown as “ADMIN” versus ‘admin’?

    If the string “ADMIN” is converted to lower case of “admin” and compared to ‘admin’, are they not the same and one cancels out?

    Hello again Mark,
    when both strings that are to be compared are converted to lowercase it will result in a match on the blocking pattern. So if you add “admin” it will block anyone trying to log in with “admin”, “ADMIN” or “aDmiN”.

    Thread Starter mwarbinek

    (@mwarbinek)

    Ah, that is much clearer.

    Ok, so to add in “ADMIN” and ‘admin’ is not required, all I need to do is just add the string in lower case and it will cover all variations including case sensitive variations of the same string.

    Got it. ??

    I see that I should be more precise in my question which was my fault. I should have asked “Do I need to add case sensitive versions of the same word to cover case sensitive variations”.

    Thanks for the help.

    It’s alright Mark glad we were able to sort it. ??

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Blocking User Name – Black List’ is closed to new replies.