DavidFB

Mores:
Most blog articles display the authors name. This often matches the username but thats easy enough to change in Users

WPEngine also installs it be default.
It’s not listed in Plugins.

Just a note that there is also a plugin Whitelist for LLA, that allows you to easily add IP’s for admins.

Well – I think it’s a good idea. The main hack attempts I get are to admin, Administrator, test, and the main blogging account.

I’d further mention that it would be useful to display the date in the logs. Very useful that it shows the log but without the date, theres little context.

I’d agree with Jon Brown.

Just because the hack placed the files inside the plugins folder and the scan ID’d that as the “source” does not mean it was a flaw in the plugin. If you have system access, you can place stuff anywhere.

Lots of hacks mask their activity by hiding in other places. This one apparently uses LLA as the hiding place because it’s a popular plugin.

Uninstalling LLA will remove that repository location but odds are good it won’t block or solve the hack. Hacks are typically sophisticated enough to use multiple possible deposit locations.

Thus, uninstalling LLA probably would not block the hack.

If it’s depositing sales pages, it’s using the site to serve the pages. How is it making them visible on the web? Who is it reporting to?

As mentioned by others, secure sites like WPEngine install LLA by default. As they also block security problems, plugins that thrash the database or related posts plugins that bog servers, it’s a pretty strong endorsement. I use this plugin happily.

https://wpengine.com/support/disallowed-plugins/

thereigo
If a computer of any kind is online, it will get noticed by both search bots and hacker bots. If you use fancy techniques in Google, for example, it will display peoples personal file stashes on servers that are unlinked on the web.

Just because you have an unlinked server, it still has an IP and is still accessible so will be found.

I used to have an old server I used solely for monitoring the status of other servers. It got attacked regularly.

The fact that the plugin logs attempts does not make the plugin the problem.

Y0mst3r
During domain distribution, the site will be variously available at the new domain. Follow your hosts instructions and use the IP address to access you site in the meantime.

Assuming this is what you mean.

And if you need urgent help, don’t post under a different subject.

Just to understand this better, it means hacker bots are seeing your username as a blog poster and then attempting to login with that account, testing various passwords.

It’s not a flaw in the plugin, its that your site is being attacked.

When you’re trying a new plugin, its useful not to make extreme settings. I have it set for a 12 min block, much longer if there is multiple lockouts. Thats worked fine. Lockouts are rare.

You may find it useful to a have a second Admin account that you don’t post from. And use strong passwords on both.

Agreed – in a widget.
Myself, I just selected some icons and linked them in a generic text widget. But matching ions would be superior.

Commonly placed with them is the third aspect of social sharing – feed links.

Actually, yes, being able to go straight to the modal menu2 that is mostly alpha sorted would be perfect.
Thanks!

That’s a different function. Different plugins.

As an experiment, I cranked menu1 up to 40. That increased the immediately available icons but most of the menu went up and out the window.

2 options that would help – a 3 wide option for menu1
and centre vertically in window option.

Thanks again.

I’d add my voice to this. I’d appreciate having it on Posts only, not Pages. When it said “articles” I also assumed this.

Easy enough to add custom CSS to my theme but I understand theme file edits are prone to be over-written on updates.

Wondering if this broke with the TinyMCE overhaul.

Do you mean posting user email?

You can see the poster in the Post list. Translate the email to poster (with this plugin) and you have what you need. Email address would not be captured in the Post info.