Jetpack Protect and WordPress Multisite

Resolved gabbuz
(@gabbuz)

9 years, 1 month ago

Hello,
I was wondering why you inserted the new JetPack Protect (BruteProtect.com) service in every blog instead of WordPress Network level.

I manage a WordPress Network install and I have BruteProtect activated at Network level, since it’s in my interest to activate this feature for every blog and not let users activate this for their blog (they neither know what a bruteforce attack is 😀 ).

I would love to see the Jetpack Protect feature active as Network level and let just the Super-Admins manage this.

Hope to hear a feedback for you. Thanks 😀

https://wordpress.org/plugins/jetpack/

Viewing 5 replies - 1 through 5 (of 5 total)

Plugin Author Jeremy Herve
(@jeherve)

Jetpack Mechanic 🚀

9 years, 1 month ago

If Jetpack is installed on the blogs in your network, Protect was automatically activated when you updated Jetpack, so your users shouldn’t have to do anything.

However, We’re thinking about adding a global security tab to WordPress.com to allow you to change whitelist settings on all your connected Jetpack sites at once:
https://github.com/Automattic/jetpack/issues/1842

Would that help?

Thread Starter gabbuz
(@gabbuz)

9 years, 1 month ago

Thanks Jeremy for the feedback, but what happens in case a blog is not connected to Jetpack (maybe because the user doesn’t care about it)? Would the Protection feature be active anyhow like with BruteProtect?

The most interesting feature would be transfer totally the Protection feature settings into the Jetpack Network menu (from <website URL>/wp-admin/network/admin.php?page=jetpack-settings), exactly like BruteProtect works now.

What do you think?

Plugin Author Jeremy Herve
(@jeherve)

Jetpack Mechanic 🚀

9 years, 1 month ago

what happens in case a blog is not connected to Jetpack (maybe because the user doesn’t care about it)? Would the Protection feature be active anyhow like with BruteProtect?

Protect wouldn’t be active, no. But you can connect any unconnected sites from your Multisite Network admin, under the Jetpack menu. That should help you take care of any outliers.

The most interesting feature would be transfer totally the Protection feature settings into the Jetpack Network menu (from <website URL>/wp-admin/network/admin.php?page=jetpack-settings), exactly like BruteProtect works now.

That seems like it could be useful indeed. I took note of your suggestion here, and we’ll consider it:
https://github.com/Automattic/jetpack/issues/1861

Thread Starter gabbuz
(@gabbuz)

9 years, 1 month ago

Thank you Jeremy, hope to see the new configuration page in Jetpack 3.5; until then, I’ll keep the BruteProtect plugin on.

I would have another question about Protect feature: does the Protect feature provide a control against XMLRPC bruteforce attacks, insted of just the login-page attacks?

Plugin Author Jeremy Herve
(@jeherve)

Jetpack Mechanic 🚀

9 years, 1 month ago

does the Protect feature provide a control against XMLRPC bruteforce attacks, insted of just the login-page attacks?

It’s just used on the login page so far, but extending the module to protect more areas of your site is on our radar!

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Jetpack Protect and WordPress Multisite’ is closed to new replies.

Tags