WordPress.org

Ready to get started?Download WordPress

Forums

Limit Login Attempts
Feature requests (2 posts)

  1. spiffywiffy
    Member
    Posted 2 years ago #

    Hello:

    First of all - great plugin - works well for us!

    Would it be possible to consider adding a feature that whitelists IP ranges? If it could be done using CIDR format or wildcards, that would work best. I realise this may work contrary to the goal of this plugin, but in our situation, it would be useful. Most of our users access our multi-site WP install from our internal network. Users get brain farts and end up locking themselves out needlessly. A whitelisting feature would reduce our support requirements. If the plugin could still deliver an informational message after X attempts directing users to support, but not lock them out, that would be great.

    Also, it would be great if the error messages could be customized from Dashboard plugin settings. This way, we could direct legitimate users accessing from external IP's who have clearly forgotten their password to a help desk. Could just edit code, but throwing it out there for possible inclusion.

    Thanks!

    http://wordpress.org/extend/plugins/limit-login-attempts/

  2. johanee
    Member
    Plugin Author

    Posted 2 years ago #

    Hi,

    I would strongly recommend against completely whitelisting internal adresses, for various reasons: insider attacks, wireless access, hacked desktops, etc. More lenient limits perhaps, but not complete whitelisting.

    Anyway, I have actually gotten a few questions about this kind of thing.

    I'm considering adding some filter hooks so that number of attempts and/or lockout time can be customized (perhaps based on IP). Would that work for you?

    It would require you to create a small custom plugin with whatever logic you require.

    Something similar could perhaps be done with the error messages.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic