Is it possible to restrict to the Registration page only

  • My site is set up so when someone registers they are sent a registration email that then takes them to a url to set their password.

    Unfortunately, from 10,885 emails over 312days there have been around 56 complaints, which is enough for Amazon SES to put the account under review and if the situation isn’t resolved they will stop all email being sent.

    I added this plugin in the hope that the majority of the people signing up with either other people email addresses or their own email addresses but then marking it as spam are using Proxies or VPN to do it, but I only really want the blocking on the registration page. Once people have verified their email I don’t mind them using proxies/vpn to login and access the backend, but I can’t see an option that restricts the blocking to registration only. Is there any way to do this?

    • This topic was modified 2 years, 2 months ago by kodestar.
Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter kodestar

    (@kodestar)

    It’s a similar request to this – https://www.ads-software.com/support/topic/allow-logins-with-vpn/ however, the suggestion in that doesn’t really work. That is because, if a user goes to the login link first then they are marked as not a proxy user, then they are cached as a good ip by the plugin for 30 minutes (or whatever you have configured) then they are free to hit the registration url without being checked.

    I guess I could set the known good ip cache to 0 as it’s pretty useless when I only want to protect registration anyway, as someone isn’t going to be registering or logging in very often.

    *edit* No I was wrong on that, while it says “you can set this to between 0 and 240 mins (4hrs)” in the text the min value you can set is actually 10m

    • This reply was modified 2 years, 2 months ago by kodestar.
    • This reply was modified 2 years, 2 months ago by kodestar.
    Plugin Author Proxy & VPN Blocker

    (@rickstermuk)

    Hi Kodestar, Apologies for slow reply,

    If I understand your query correctly then no, I don’t think that is possible, you can add your registration page to the list of blocked pages and turn off “protect on login/Auth” under the Advanced tab, but that might introduce other issues.

    I think I will have to look into this further.

    Rick.

    Thread Starter kodestar

    (@kodestar)

    Thanks Rick. I don’t think that will work as the registration page is the built in wp-login.php?action=register

    Thread Starter kodestar

    (@kodestar)

    @rickstermuk Maybe a simpler change for now would be to allow disabling “Known Good IP Cache”? I manually set the value to 0 by modifying the value in the dom before saving but then realised when looking through the code that this would have the opposite effect of what I wanted and created a transient that never expires.

    Maybe instead of:

    						set_transient( 'pvb_' . get_option( 'pvb_proxycheckio_current_key' ) . '_' . $visitor_ip_address, time() + 1800 . '-' . 0, 60 * get_option( 'pvb_proxycheckio_good_ip_cache_time' ) );

    Something like:

    						if (get_option( 'pvb_proxycheckio_good_ip_cache_time' ) > 0) set_transient( 'pvb_' . get_option( 'pvb_proxycheckio_current_key' ) . '_' . $visitor_ip_address, time() + 1800 . '-' . 0, 60 * get_option( 'pvb_proxycheckio_good_ip_cache_time' ) );

    And then set the min value to 0 instead of 10, or have an extra option pvb_proxycheckio_good_ip_cache_disabled and check if that is set or not

    • This reply was modified 2 years, 2 months ago by kodestar.
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Is it possible to restrict to the Registration page only’ is closed to new replies.