All In One WP Security & Firewall
[resolved] Feature requests: Login lockdown to show real IP (and not range) and whitelist (6 posts)

  1. Samuel Aguilera
    Member
    Posted 7 months ago #

    Hi!

    I like this plugin very much; I think it's better than other ones that may be bloated and barely supported.

    I have some requests that I hope you can accept.

    The first is about the login lockdown feature. It stores the IP range (xxx.xxx.xxx.*) instead of the IP. This may be a stronger way of blocking an attacker, but it can block legitimate users too.

    When a login attack is performed from many IP addresses, it is rarely done from a xxx.xxx.xxx.* range. And by storing only this range, you prevent the admin from knowing the exact IP of the attacker. And that's very useful information for tracking down the IP in logs and other places.

    So I think it would be much better to use the IP and not the IP range, or at least to add the real IP to information logged too.

    A whitelist system would be a very nice feature too, so you can whitelist some IP or IP range from the login protection. Without it, legitimate users can sometimes be blocked because they try to log in again and again without contacting the admin... (damn users! ;)).

    Any chance to see this?

    http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
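The trade-off raised in the post above, as an added example that is not part of the thread and is not the plugin's code: locking by xxx.xxx.xxx.* range versus exact IP, keeping the exact addresses for the log, and exempting whitelisted IPs or ranges. All function names, the failure threshold and the sample addresses are assumptions made for illustration.

```php
<?php
// Added illustration; every name here is hypothetical, not the plugin's code.

// Lockout key for an IPv4 address: the /24 range ("a.b.c.*") or the exact address.
function lockout_key(string $ip, bool $by_range): string {
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        throw new InvalidArgumentException("not an IPv4 address: $ip");
    }
    return $by_range ? preg_replace('/\.\d+$/', '.*', $ip) : $ip;
}

// Whitelist entries are exact addresses or "a.b.c.*" ranges.
function is_whitelisted(string $ip, array $whitelist): bool {
    return in_array($ip, $whitelist, true)
        || in_array(lockout_key($ip, true), $whitelist, true);
}

// Replay failed logins; a key is locked after $max failures, and the exact
// source IPs behind every key are kept so the admin can trace them in logs.
function replay_failures(array $failed_ips, array $whitelist, bool $by_range, int $max = 3): array {
    $seen = []; // lockout key => list of exact source IPs
    foreach ($failed_ips as $ip) {
        if (is_whitelisted($ip, $whitelist)) {
            continue; // exempt from login lockdown
        }
        $seen[lockout_key($ip, $by_range)][] = $ip;
    }
    return array_filter($seen, fn(array $ips): bool => count($ips) >= $max);
}

// Constructed sample data (documentation addresses from RFC 5737).
$failures  = ['203.0.113.7', '203.0.113.7', '203.0.113.7', '198.51.100.20', '203.0.113.80'];
$whitelist = ['198.51.100.*'];
$neighbour = '203.0.113.200'; // a different client in the same /24, no failed logins

foreach ([true, false] as $by_range) {
    $locked = replay_failures($failures, $whitelist, $by_range);
    foreach ($locked as $key => $ips) {
        printf("%s lock on %s, exact IPs for the log: %s\n",
            $by_range ? 'range' : 'exact', $key, implode(', ', array_unique($ips)));
    }
    printf("  neighbour %s locked out: %s\n", $neighbour,
        isset($locked[lockout_key($neighbour, $by_range)]) ? 'yes' : 'no');
}
```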

  2. wpsolutions
    Member
    Plugin Author

    Posted 7 months ago #

    Hi Samuel,
    We are currently adding a whitelist feature and it will be available in the next release of this plugin.

    Regarding the IP range vs IP address - hackers rarely stick with the same IP address so it is usually more efficient to block ranges of addresses rather than a single address.

    But you make a good point regarding the fact that it would be informative for the admin to also know the actual address rather than the range.

    However, due to time constraints we will have to put such a modification on the back burner because there are currently features we are working on which are more important than this.

  3. Samuel Aguilera
    Member
    Posted 7 months ago #

    Thank you for your kind and fast reply ;)

    I'm glad to hear that whitelist is coming :D

    About the IP range, yes you're right that hackers usually don't use only one IP, but in my experience they rarely use more than one IP in the same XXX.XXX.XXX.* range; it's more likely to see XXX.XXX.*.*

    That's why I think blocking the actual range is not practical and it would be better to block only the IP to avoid blocking legitimate users in the range.

    For the time being, what about simply adding the IP to the email warning? It's very easy to do, you simply need to add one line to the send_notification_email, just this:

    // Keep the translatable string constant and pass the IP in as an argument.
    $email_msg .= sprintf( __( 'IP: %s', 'aiowpsecurity' ), $ip ) . "\n\n";

    Only one second needed to implement :)

  4. Samuel Aguilera
    Member
    Posted 7 months ago #

    By the way...

    If you add a filter hook to the send_notification_email, that would be good too, and then I'll make that (and other) modifications without touching the plugin code.

  5. mra13
    Member
    Plugin Author

    Posted 7 months ago #

    Adding the blocked IP address to the email sounds like a good idea. We will look into that.

  6. Samuel Aguilera
    Member
    Posted 7 months ago #

    Thank you so much! ;)

    Have you thought about uploading the plugin to GitHub?

    A simple modification like this could be contributed by me if you add the plugin to GitHub.
