edmonaft

Ok, will work on renaming login page…
For the whitelisting, does it mean (once enabled and populated with IP), if my network is not on the list will unable to at least access the wp login page?

If it is possible to enhance Login Whitelist in a manner that if the IP is not in the whitelist, it is prevented to access WP-Login page.

Hi there,

I have not changed the Rename Login Page Settings yet.

Regarding options to try, here are already the existing settings under my Firewall prior to posting.
Basic Firewall Rules – all enabled
Additional Firewall Rules – all enabled
6G Blacklist Firewall Rules – checked 6G
Internet Bots – unchecked blocking of fake Googlebots (my SEO complained that my site traffic went down heavily)
Prevent Hotlinks – enabled
404 Detection – enabled ; Timeout 600 mins ; Lockout Redirect URL : https://localhost

For reference, here are my Login Lockdown settings
Unlock Requests – disablde
Max Login Attempts – 1
Login Retry – 10080 mins
Time of Lockout – 131400 mins
Display Generic Error Message – enabled
Instantly Lockout Invalid Usernames – enabled
Instantly Lockout Specific Usernames – (admin; test; etc)
Notify By Email – my email add

I’ve even enabled Google reCAPTCHA and enabled all options under Login Captcha.

So far, given that setup, I am still getting quite a lot new IPs (under Failed Login Records) almost every minute which are random IPs that are not my target audiences (ex: Russia, Ukraine, Germany, etc).

Another question is…

Since there is a Login Whitelist option already, is it possible to block all IPs (0.0.0.0 or *) accessing my WP Login page. That way, WP Login will only be accessible only on whitelisted IPs?

• This reply was modified 5 years, 6 months ago by edmonaft.
• This reply was modified 5 years, 6 months ago by edmonaft.

I just find both functions quite producing the same results. It seems that the difference is only within the DB. Otherwise, the IP is then allowed?

Which was why, it may be more convenient to of rather than providing unlock and delete, why not delete and block permanently instead?

Was thinking to request if it is possible to have a way to at least have a way to mark some temporary blocked IPs to permanent though ??

Are you referring too the following feature Instantly Lockout Invalid Usernames:?

Yes i do

You can use the Black List Manager tab for permanently locking out IP addresses.

Do i have to manually enter the IP I needed to block?

— sorry.. message deleted

• This reply was modified 5 years, 7 months ago by edmonaft.

Got it thanks! This resolved my query ??

Hi,

I did as instructed and assign one employee as HR manager under Permissions tab of the employee.

But when i clicked on HR Managers (or Line Managers), it just shows blank page still.

Also, I wonder how do i assign Line Managers?

Hey @wphrmanager,

Thanks a lot! ?? Great to hear that!

Hi @thebengalboy,

No worries. I am just taking a practice to always download the latest one from github to ensure that all latest fixes i get.

So far, the build prior to this latest works. Therefore I am keeping this for now until i can try a newer update to this current build.

Regards,

Hi @thebengalboy,

I am running XAMPP under Windows
In that directory there are 2 “composer” files that I don’t know how I can run under Windows.
– composer.json
– composer.lock

Thank you.

As I need to refer/show this to my office mate, it’s quite a bit inconvenient that every time i access the demo website, i had to
– verify the email address
– unlock payroll module

upon closing the window, i had to redo the process again including verifying to the same email address.

It’s working now when i use my gmail account

• This reply was modified 6 years, 1 month ago by edmonaft.

Email validation seems to work now using my gmail account
Also, the Payroll module needs to be activated through Plugins firstly.

Thank you!

• This reply was modified 6 years, 1 month ago by edmonaft.