I like very much this plugin, I think it’s better than other ones that maybe are bloated and barely supported.
I have some requests that I hope you can accept.
First is about the login lockdown feature. It stores IP range (xxx.xxx.xxx.*) instead of the IP. This maybe is a stronger way of blocking an attacker, but can block legitimated users too.
When a login attack is performed from many IP addresses, is rarely done from a xxx.xxx.xxx.* range. And storing only this range, you avoid the admin to knowing the exact IP of the attacker. And that’s a very useful information for tracking down the IP on logs and other places.
So I think it would be much better to use the IP and not the IP range, or at least to add the real IP to information logged too.
A whitelist system would be a very nice feature too. So you can whitelist some IP or IP range from the login protection. Without it, sometimes legitimated users can be blocked due to this users trying to login again and again without contacting the admin… (damm users! ;)).
Any chance to see this?
- The topic ‘Feature requests: Login lockdown to show real IP (and not range) and whitelist’ is closed to new replies.