Whitelist to bypass all rules

On the options page is “Alert me when someone with administrator access signs in” checked?

tim

Hi Tim,

Thanks for responding.

Yes, it is. I know I can uncheck this, but then I won’t get a message if someone logged in as administrator from an outside IP.

I thought that the alert option would be by passed too, since the by pass option is about by passing all rules.

Michael

Tested this and I can see that when I add the ip to whitelist and have box checked for emailing when an admin signs on an email is sent. IP bypass does not work for this. I’ll make a note and file a bug report and post here when the dev team gets to it.

The only reason I can think of is what if someone steals your credentials? Then the only way you’d know they were accessing the site, hopefully because you don’t share your credentials, right?) was if we sent you an email. Believe it or not, this happened on a site I managed a few years back to another admin’s account.

tim

Thanks for testing. I agree that you won’t get notice when someone logs in with stolen credentials. The person still has to be logging in from the same IP though, since it’s a by pass based on IP.

Another option could be to make a checkbox next to the whitelist rule that says: Also include administrator login messages.

Michael

Or a box that says “don’t alert for logins from these users”.

Out of curiosity, can you try adding your username to the box beside “List of comma separated usernames to ignore:” under live traffic and see if that helps or not (not near my server so I cant test right now)

tim

Added IP address an username under live traffic, but still get the message that I logged in. IP is still in the whitelist under other options as well.

Waited to respond here to make sure if it had impact or not.

Michael