Plugin Author
AITpro
(@aitpro)
You can use htaccess code conditions to do things based on time.
RewriteCond %{TIME_HOUR}
http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond
I am currently looking at how much value something like that idea actually has. ie if something is already protected 24*7*365 then the question is does adding an additional time condition add any more value/benefit. I think it might be worth adding to BPS, but I would need to run it through scenarios and testing to see if it is worth adding or not.
Hypothetical usage example:
Let’s say you do not want to allow any logins on your website between the hours of X and Y.
# EXPERIMENTAL: BRUTE FORCE LOGIN PAGE PROTECTION WITH TIME CONDITION
# Protects the Login page from SpamBots, HackerBots & Proxies
# that use Server Protocol HTTP/1.0 or a blank User Agent
# Experimental: Time Condition denies logins between the hours of 11PM and 8AM
RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$ [OR]
# 23 time format = 2300 hours/11PM server time
RewriteCond %{TIME_HOUR} >23 [OR]
# 08 time format = 0800 hours/8AM server time
RewriteCond %{TIME_HOUR} <08
RewriteRule ^(.*)$ - [F]
Thread Starter
mrppp
(@mrppp)
OK, maybe best to wait, if you think it is worth having i,m sure you will include at a later date.
Plugin Author
AITpro
(@aitpro)
I believe it is going to fall into the “novelty/gimmick” category, but maybe I just have not thought of a practical usage yet. Would have to fiddle around with scenarios.
