Login security plugins & the hook order

  • I’ve been using four major methods to help with our site’s admin login security (in addition to keeping all code versions up to date).
    1.Specific addresses in .htaccess
    2.Limit Login Attempts plugin
    3.BruteProtect plugin
    4.Clef plugin

    At first they all worked together nicely. But recently it seems the order they are called prevents them from protecting access as desired.

    The order should be:
    .htaccess
    Clef
    BruteProtect
    Limit Login

    But, all addresses are now getting past the .htaccess filter as though it wasn’t in place and all the login attacks are only being caught by the Limit Login Attempts plugin (getting around both Clef and BruteProtect). This just started happening right after I updated the theme (Genesis) on Tuesday this week. Before that all was well.

    Any idea how to force a reordering, or is something else amiss?

    Site: https://www.glutenfreecanteen.com

    Thanks,
    Tim

  • The topic ‘Login security plugins & the hook order’ is closed to new replies.