CloudFlare report
-
Could I detect a lockout by:
function errorlog_failure_shake($error_codes) { if (in_array('too_many_retries', $error_codes)) error_log('LLA: CloudFlare ban IP'); return $error_codes; } add_filter('shake_error_codes', 'errorlog_failure_shake', 100000);
It works only in downloaded login forms.
Not working on- auth cookies
- DoS HTTP/HEAD requests to wp-login
- DoS requests to pw reset, signup
Could you do a do_filter(‘limit_login_lockout’) every time LLA finds out there is a lockout?
e.g. I would add_filter() sleep or IP blocking to offload my server or error_log or write a rule to .htaccess etc.https://www.ads-software.com/extend/plugins/limit-login-attempts/
- The topic ‘CloudFlare report’ is closed to new replies.