Limit Login Attempts
[resolved] Can a hacker fake the IP address and get past this blocker? (3 posts)

  1. MNL345
    Posted 4 years ago #

    I've heard that hackers can falsify their IP address or even leave it blank so the server cannot read anything. Would this plugin be able to detect a number of invalid attempts on a single login name if they came from multiple, sufficiently diverse IP addresses? If not, could you please include in the next version this additional ability?

  2. johanee
    Plugin Author

    Posted 4 years ago #

    No, they cannot use a false IP address to make login attempts.

    As for an attempt using a large number of IP addresses (many computers): it doesn't really help the attacker much as long as you have a good password (12+ truly random characters). We're talking age of the universe time-frames here.

  3. Vezado
    Posted 3 years ago #

    They could use a proxy, tor or other anonymizing service to access the site from different addresses, but as johanee stated the most important thing is having a good password that makes brute forcing a password essentially impossible.

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Limit Login Attempts
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic