• Resolved David100351

    (@david100351)


    Still working great, thanks.

    Following our earlier discussion about naive wordpress admins using “admin” as their login name, and the huge number of login attempts by spammers seeking to exploit that, I wonder if it might be useful and resource-friendly for us to exploit this as well?

    What I am suggesting is that you use a choice box for those of us who do NOT use admin as our username, which would allow your plugin to dispose of these login attempts without any further testing. Just send the data straight to honeypot and/or sfs

    https://www.ads-software.com/extend/plugins/stop-spammer-registrations-plugin/

Viewing 4 replies - 1 through 4 (of 4 total)
  • David,
    That’s a wonderful idea. That way when the robots start their dictionary attack, they are immediately cached as a bad IP.

    I am also going to add a hidden “no-follow” link that will be able to blacklist robots who are wandering the site looking for a place to comment. This is how “project honeypot” works, but the blacklist is local.

    Thanks,
    Keith

    Thread Starter David100351

    (@david100351)

    Thanks!
    If we could stop dictionary attacks being profitable it would save a lot of server time, webwide.

    Thread Starter David100351

    (@david100351)

    Hi, and betatest 4.3 is working fine for me, thanks.

    I notice that you didn’t implement this suggestion yet… hidden problems?

    I am out of work and not working much on the computer. I am spending my time working with my hands all day and not my mind. My laptop is not really a good development machine – slow and old.

    I hope to get a job eventually and then I’ll spend my lunch hours writing plugin code again.

    Keith

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Feature requestt’ is closed to new replies.