WordPress.org

Support

Support » Plugins and Hacks » Login Security Solution » [Resolved] Full IP address

[Resolved] Full IP address

Viewing 9 replies - 1 through 9 (of 9 total)
  • I see this in the source code:

    * The "network" component for IPv4 is the first three groups ("Class C")
    * while for IPv6 it is the first four groups.
    

    I don’t think that is correct, because there’s virtually no practical way to know the network component for a foreign IP that connects to us. I’m curious to know why the plugin author made such an arbitrary choice.

    And of course, why he’s using the above information rather than the full IP in the notification email.

    Plugin Author Daniel Convissor

    @convissor

    Hi George:

    The address shown in the email is the address used for the counting/blocking.

    All of the login checking WordPress plugins use the network component approach.

    Thanks.

    Is there a way through WordPress to check the full IP, or is that something I have to check in the logs? Thanks.

    Plugin Author Daniel Convissor

    @convissor

    It’s in the <prefix>_login_security_solution_fail table.

    Plugin Author Daniel Convissor

    @convissor

    It’s in the <prefix>_login_security_solution_fail table.

    Kind of hoping not to have to get into the database to see it. Any way to update the email so it includes the full IP?

    Plugin Author Daniel Convissor

    @convissor

    No, sorry.

    Hi.

    I was checking some attacks at the moment and I have some doubts about how works that plugin.

    I recive the email notifications and I can manualy check the ip in the database.

    Using multiple plugins to check the “ip visitors” I can check that there are no connections with the IP attacker.

    Is normal that some attackers can bypass the “stats” of these plugins?

    ANother question is.

    With a plugin to manually ban IP address, I continue to recive emails with “attacks”. I am using the “Simple IP Ban” plugin. Is that normal?

    Is it posible to add a feature to ban IP directly from your plugin?

    Or auto-ban temporary the IP address during X days and after Y number of attemps?

    Thanks

    Thanks

    Hi angifox!

    Convissor, the plugin author, explains in the FAQs his preference to to slow down and log the attacker instead of an outright ban.

    If, however, you have your heart set on banning miscreants, you may want to try making edits to your htaccess file. PerishablePress.com has some great copy and paste htaccess blacklist edits to get you started that are broader than individual IP blocking.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘[Resolved] Full IP address’ is closed to new replies.
Skip to toolbar